In the previous issue, I wrote about the event study and investigation of this cyber-attack at British Airways. Now let’s take a deep dive into the results of this cyber-attack. A ticket master website was being used in this process of malfunctioning. A digital skimmer was placed in the ticker master secretly. This Magecart was used to transform more than hundreds and thousands of records. There were no hits in the case of British Airways blacklist. The skimmer was completely customized, thus there no suspicion at all. The baggage claim information page was used for loading all the data.
Now let’s take a deep dive into the results of this cyber-attack at British Airways. This investigation had led ICO to fine the British airways. The fine amount was around 183.39M. This incident has affected around 500,000 customers and it had already started in June 2018. Later the ICO and British Airways worked together, and thus various changes and improvements were made in the security process. Personal data of around 185,000 card holders was not notified earlier. Magecart was something was previously used in the stealing process of a debit card or a credit card. It was even used and involved in the PII stealing actions. A PII log functionality was the one which was used to find out all the information entered in the payment details form by the customers. British Airways had to clear a huge penalty imposed on them. Around 1.8 percent of the total turnover was the penalty amount for the British Airways.