British Airways reported a breach last week that affected about 380,000 customers’ data. Threat management firm RiskIQ revealed today that the same criminal group behind a Ticketmaster UK breach also attacked British Airways.
In a previous report, RiskIQ found that Ticketmaster’s breach was the work of the criminal group Magecart. It injected scripts onto a compromised customer service product on Ticketmaster’s site in order to steal personal data. According to RiskIQ, Magecart tends to use scripts to steal customer data that are entered on online payment forms, usually through compromised third-party services these sites use.
Users affected by the British Airways breach should get a new credit or debit card from their bank and cancel the old one.