British Airways (BA) is in turmoil as the latest company to experience a large-scale data breach. The CVV codes of 380,000 customers were stolen in the data breach, and the numbers were compromised during payment processing ( companies receiving payment cannot store CVV numbers, even if encrypted). According to cybersecurity researcher Lukasz Olejnik –
“I believe it might be the worst financial data breach of all time in the transportation sector, increasingly chosen as a target of cyber attacks.”
Poor response to a major data breach?
According to an article from The Conversation, the BA response to the hack was less than ideal, and this is not the first time the company has been sloppy in its response to data breaches. The hack itself took place over a period of two weeks without any alarms sounding.
Bookings made between September 21st and August 5th were affected, and the transport company failed to disclose much information in its initial statement, particularly that the CVV numbers were compromised. Customers were told to contact their banks, without actually being told that card details had been compromised.
Customers will be compensated for the breach of their data and banks have been sending out replacement cards in the meantime. The extent of the damage is not yet known in terms of fraud committed with the card details. The data breach was reported quickly, and this is largely attributed to the implementation of the GDPR legal policies which recently came into effect, forcing companies to alert the public in good time.
Hacks all around.
People often cite cybersecurity issues as a cause for concern in terms of cryptocurrency adoption, with multiple exchanges being hacked and other data breaches occurring. But this is not really a fair analysis, given that the number of data breaches is rising across all industries and sectors which include companies, universities, online businesses, banks, and government institutions. The European Central Bank has itself been hacked, along with Equifax, Evernote, Yahoo, Dropbox, the Colorado government, Adobe, Ameritrade, Apple, AT&T, the list goes on. BA was last hacked in 2015. It is now a regular occurrence, and a transition must be made soon to deal with the epidemic.
It is altogether possible that decentralized operations will be the only way to protect data from cybercriminals, as there is an increasing number of attack vectors. Keeping all data in one place, no matter how secure, is a recipe for disaster and the number of data breaches is growing rapidly. There could soon come a time where data is only secure when it is decentralized, and it is a well-known fact among cybersecurity specialists that there is always a way to compromise centralized systems.
Digital Nomad with an interest in Zen and Blockchain technology.
Law graduate with 3 years experience as a consultant in the capital markets industry and 4 years experience freelancing on UpWork as a Creative Writer.