TTG - Travel Trade Gazette
For Smarter, Better, Fairer Travel
Search
User Menu
Remember me

New to TTG?

Hello! You are viewing your 1 free guest article this week


Please log in or join now for free, immediate and unlimited access to our award-winning online content. Find out more...

Join us
Already a member? Log in here

Online card skim

Online card skim

“Since 2016, RiskIQ has reported on the use of web-based card skimmers operated by the threat group Magecart,” said the firm in a research note, issued on Tuesday (September 11).


“Traditionally, criminals use devices known as card skimmers — devices hidden within credit card readers on ATMs, fuel pumps, and other machines people pay for with credit cards every day — to steal credit card data for the criminal to later collect and either use themselves or sell to other parties. Magecart uses a digital variety of these devices.


“Magecart injects scripts designed to steal sensitive data that consumers enter into online payment forms on e-commerce websites directly or through compromised third-party suppliers used by these sites.


“Recently, Magecart operatives placed one of these digital skimmers on Ticketmaster websites through the compromise of a third-party functionality resulting in a high-profile breach of Ticketmaster customer data.


“Based on recent evidence, Magecart has now set their sights on British Airways, the largest airline in the UK.”


The group added: “As we’ve seen in this attack, Magecart set up custom, targeted infrastructure to blend in with the British Airways website specifically and avoid detection for as long as possible.


“While we can never know how much reach the attackers had on the British Airways servers, the fact that they were able to modify a resource for the site tells us the access was substantial, and the fact they likely had access long before the attack even started is a stark reminder about the vulnerability of web-facing assets.”

Criminal investigation

Criminal investigation

A British Airways spokesperson said: “As this is a criminal investigation, we are unable to comment on speculation.”


The theft is being investigated by the National Crime Agency, which said specialist officers from its National Cyber Crime Unit were working with BA to “gain a better understanding of the incident”.


“Our investigations into these types of incidents are often complex and take some time before the full details can be established,” said the NCA in a statement.


“We know ’opportunist’ criminals often use incidents like this to conduct secondary fraud attacks.

 

"Anyone who thinks they may be affected should remain vigilant of potential fraudsters seeking access to personal details. Any suspicious activity should be reported to Action Fraud.”

Our Next Events

TTG Luxury Travel Summit

TTG Luxury Travel Summit

Luxpo London

Luxpo London

TTG New to Cruise Festival

TTG New to Cruise Festival

TTG Luxury Travel Awards

TTG Luxury Travel Awards

TTG Top 50 Travel Agencies

TTG Top 50 Travel Agencies

TTG Travel Awards

TTG Travel Awards

TTG - Travel Trade Gazette
For Smarter, Better, Fairer Travel
TTG Media Limited.
Place of registration: England and Wales.
Company number 08723341.
Registered address: New Bridge Street House, 30-34 New Bridge Street, London EC4V 6BJ