British Airways Website, Mobile App Hacked, Impacting 380K Customers

Today’s topics include a British Airways data breach exposing information about 380,000 customers, and a watchdog group bypassing Google controls to buy divisive political ads.

British Airways disclosed on Sept. 7 that it was the victim of a data breach that exposed details on 380,000 customers from the British Airways mobile application and website at The airline noted in its advisory that stolen data did not include customers’ passport information or travel details.

However, hackers did steal names, addresses and payment card details of customers who used the website or mobile app between Aug. 21 and Sept. 5.

British Airways is guaranteeing to its customers reimbursement of any financial losses incurred in the breach and “is recommending that customers contact their bank or card provider if they made a booking or change to their booking between [Aug. 21 and Sept. 5].”

Watchdog group Campaign for Accountability announced on Sept. 4 that it was able to buy politically divisive ads on Google while posing as the Internet Research Agency, which allegedly purchased thousands of dollars of ads on Google in 2016 to influence U.S. elections.

The watchdog group replicated the IRA’s 2016 campaign using a Russian Google AdWords account established with a burner phone from Panama, paid for the ads via Russia's Yandex payment service, and used a VPN so any IP number that Google logged would appear to be from St. Petersburg, Russia, the city where the IRA is based.

The ads ran on several major U.S. media websites and YouTube channels while Google did nothing to stop them despite all its claims about implementing controls for preventing such misuse.

According to Campaign for Accountability Executive Director Daniel Stevens, "Google has failed to keep its promise to prevent foreign actors from interfering in our elections. Google is more interested in pocketing rubles than protecting American democracy.”