British Airways is investigating the theft of data including personal and credit-card details from customers who used its website and mobile app to make reservations.
The stolen data didn’t include travel or passport details, the International Consolidated Airlines Group SA subsidiary said Thursday in a statement. The airline said it had notified police and relevant authorities, and was reaching out to affected customers.
The breach took place between 10:58 p.m. London time on Aug. 21 and 9:45 p.m. on Sept. 5. An airline representative said by email that 380,000 payments were involved. Anyone who believes they may have been affected should contact their banks and credit-card providers.
“We are deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers’ data very seriously,” British Airways Chairman and Chief Executive Officer Alex Cruz said in the statement.