Malicious Code Used in British Airways Hack Found
A researcher from cybersecurity firm RiskIQ said that he had discovered a “skimming script” on the British Airways website which may have been used by hackers to steal financial data. The airline was recently hit by a breach that compromised the data of around 380,000 customers.
The code was said to have been customized to take advantage of British Airways’ payment page, which suggests that the hackers carefully planned how to attack the website.
It was also pointed out that it is common practice for large websites to embed chunks of code from third-parties and other sources, and the malicious code may have been slipped in by the hackers at this juncture.