British Airways has suffered a massive data breach with hackers accessing the personal and payment details of about 380,000 bookings over a two week period.
Parent company International Airlines Group said that it was “investigating, as a matter of urgency, the theft of customer data from … ba.com and the airline's mobile app.”
“From 22:58 BST August 21 2018 until 21:45 BST September 5 2018 inclusive, the personal and financial details of customers making bookings on ba.com and the airline's app were compromised,” it said.
The airline said that the stolen data “did not include travel or passport details.”
British Airways' chairman and chief executive Alex Cruz apologised to customers “for the disruption that this criminal activity has caused.”
“We take the protection of our customers' data very seriously,” he said.
British Airways said it had notified the police and “relevant authorities” about the breach.
It said it would manage any compensation claims “on an individual basis” but urged customers to contact their bank or card issuer in the first instance.
The UK’s National Cyber Security Centre said in a brief statement that it was “aware of reports of a data breach affecting British Airways.”
“We are working with partners to better understand this incident and how it has affected customers,” a spokesperson said.