It has been recently reported that British Airways are the victim of a second hack, that has affected 185,000 people. Customers of BA may have had payment card details stolen in the most recent attack on the BA website.
Dr Guy Bunker, SVP of Products, Clearswift, comments on the second BA hack:
“Finding a second attack is not uncommon. And there may well be more. The sophisticated attacks which are now carried out by organised criminals are designed to have multiple aspects – such that if one is discovered there are secondary or tertiary attacks ongoing. When finding one vulnerability in an IT infrastructure it will be exploited to its maximum, and within that exploit further discovery will be carried out as to what other pieces of malware can be introduced. Once an infection takes hold of an environment, it often becomes easier to start from scratch to rebuild it rather than try and take out the malware infections one by one – where, if you miss one as it is hibernating, you could end up back at square one in a few weeks or months’ time.
From a GDPR perspective, this could be seen as a separate incident, therefore two sets of fines could be imposed. Time will tell if this is the case. What is certain is that BA will need to redouble their efforts to prove that they and their suppliers have a malware free infrastructure in order to begin the process of rebuilding trust with its customers.”
(6)
Article Link: http://digitalforensicsmagazine.com/blogs/?p=2546