British Airways data breach put customers' financial info at risk

Customers who made bookings between Aug. 21 and Sept. 5 may have been affected.

Gordon Gottsegen CNET contributor
Gordon Gottsegen is a tech writer who has experience working at publications like Wired. He loves testing out new gadgets and complaining about them. He is the ghost of all failed Kickstarters.
Gordon Gottsegen
HSBC London Sevens - Day Two - Twickenham Stadium

British Airways says it's investigating the breach.

Adam Davy/PA Images

British Airways said on Thursday it's investigating a data breach that resulted in the theft of customer data.

BA says the breach is now resolved, but customers may have had their personal and financial information exposed if they made bookings in the last couple of weeks. Specifically, the affected period is from 10:58 p.m. BST (2:58 p.m. PT) on Aug. 21 and 9:45 p.m. BST (2:45 p.m. PT) on Sept. 5. 

The stolen data did not include passport or travel info, according to the airline. Both the British Airways app and website were hit by the breach.

About 380,000 card payments were affected by the breach, Reuters reports, citing International Airlines Group, BA's parent company.

BA says it will be contacting customers who were affected, and advises them to contact their banks and credit card providers.

Alex Cruz, CEO of BA, said in a statement, "We are deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers' data very seriously."

The data breach involved customers who booked through BA in a certain timeframe, similar to previous hacks that affected Best Buy and Adidas.

Watch this: A Concorde gets a new home

A supersonic life: The story of Concorde Alpha Foxtrot

See all photos