PPRuNe Forums

b1lanc 7th Sep 2018 00:14

BA hacked but they're 'deeply sorry'
 
380K bank cards allegedly. Check your bank accounts if you booked in the last two weeks according to below.
https://www.msn.com/en-gb/news/newsm...len/ar-BBMY18u

CurtainTwitcher 7th Sep 2018 00:40

LOL, there is no such thing as safe computing, there never will be unless you build your own hardware and write your own entire software stack (including compiler) FROM SCRATCH. This has been known since before outside the military since 1983, as demonstrated by Ken Thompson, with a proof: Why You Shouldn't Trust Ken Thompson.

Original Paper: Reflections on Trusting Trust. To what extent should one trust a statement that a program is free of Trojan horses? Perhaps it is more important to trust the people who wrote the software.

He references a much earlier finding about this known flaw, and virtually every computer system ever produced is vulnerable.

PAXboy 7th Sep 2018 00:55


Alex Cruz, British Airways' chairman and chief executive, said: "We are deeply sorry for the disruption that this criminal activity has caused. We take the protection of our customers' data very seriously."
But not seriously enough!

Of course, the Board of BA (and the Director of IT in particular) must be very relieved that this is 'criminal' activity as then it's not their fault and no one will have to lose their gold plated job, company car and pension. :D

kristofera 7th Sep 2018 02:14

website security
 

Originally Posted by PAXboy (Post 10243179)
But not seriously enough!

Not seriously at all, I would say. Even now, after the breach, their credit card payment page is lacking some basic measures to keep data entered on it safe from 3rd parties...
https://cimg7.ibsrv.net/gimg/www.gmf...bf9ca0270.jpeg
https://cimg3.ibsrv.net/gimg/www.gmf...b7492dfda.jpeg

Ex Cargo Clown 7th Sep 2018 04:39

You could do it from the inside. Just saying

BigDotStu 7th Sep 2018 08:53


Originally Posted by CurtainTwitcher (Post 10243174)
LOL, there is no such thing as safe computing, there never will be unless you build your own hardware and write your own entire software stack (including compiler) FROM SCRATCH. This has been known since before outside the military since 1983, as demonstrated by Ken Thompson, with a proof: Why You Shouldn't Trust Ken Thompson.

Original Paper: Reflections on Trusting Trust. To what extent should one trust a statement that a program is free of Trojan horses? Perhaps it is more important to trust the people who wrote the software.

He references a much earlier finding about this known flaw, and virtually every computer system ever produced is vulnerable.

What makes you think building/writing it yourself will make it safer? Isolated systems can be made safe/secure, but they generally aren't very useful for connected applications...

alexgreyhead 7th Sep 2018 09:37

A little light reading from El Reg to shed some more light on the issue:

https://www.theregister.co.uk/2018/0...irways_hacked/

TURIN 7th Sep 2018 09:44


Originally Posted by Yournamehere (Post 10243183)
The standard of BA's IT across a number of areas has been shown to be well below par over the last couple of years or so.

There also seems to be a lack of serious ownership of the issues by BA too but will any heads roll?

The heads have already rolled, the IT department was outsourced a while ago.

vancouv 7th Sep 2018 09:44

BigDotStu is right - as soon as you connect to the outside world your system integrity is compromised. You might have written it yourself but eventually someone cleverer than you is going to find the loophole you don't know anything about. Unfortunately in this day and age not being connected isn't a practical option.

Ben_S 7th Sep 2018 10:52

Of course they are sorry, GDPR and the new scale of fines available for incidents like this will make them very sorry indeed.

RexBanner 7th Sep 2018 10:59

From The Register article: “The biz, which bills itself as
,”

BA hasn't billed itself as that for about 25 years or so. I think they know that wouldn't stand up nowadays.

XBA1709 7th Sep 2018 16:51


Originally Posted by TURIN (Post 10243417)
The heads have already rolled, the IT department was outsourced a while ago.

Yes it was and I was one of the staff who lost their job. It was outsourced to TATA in Chennai, India. Since then there have been a number of IT failures but the management who were responsible for the outsourcing (and are still there) continue to put out the line that the outsourcing is not responsible. I've seen reports of staff in callcentres and IT service centres in 3rd world countries who are selling customer data to criminal entities.

I have just moved my phone/broadband service and it turns out the new provider outsources their support to India. I am now receiving an average of 5 calls per day from scammers reporting that my broadband/pc/router/tablet/phone has a problem that they can fix remotely. The last call today was from a woman with a sub-continent accent (with callcentre noise in the background) claiming to be from the Telephone Preference Group (note: not Telephone Preference Service - the correct organisation) asking for personal/financial details. As I ported my number over from my previous supplier and have been a subscriber to TPS for years I'm pretty sure it is not coincidence that I'm now known to an Indian callcentre and am receiving these calls.

Ex Cargo Clown 7th Sep 2018 17:04

Half a billion quid fine, so I'm hearing.

Chronus 7th Sep 2018 17:48

What really concerns me is what exactly has been stolen. If full personal data such as DOB, address, etc. is now in the hands of crooks, they may use it in the future. It is ID theft that I would imagine is the biggest threat. Credit cards may be replaced but what can we now do to protect ourselves against the fact that our IDs may be used for all kinds of mischief.
GDPR and all that fuss and what do you get, a monumental cockup. Can we please have the old IATA paper ticket and the travel agent back. I'd rather pay more than end up being cloned by some bandit and his iPad.

DaveReidUK 7th Sep 2018 17:59


Originally Posted by Chronus (Post 10243733)
What really concerns me is what exactly has been stolen. If full personal data such as DOB, address, etc. is now in the hands of crooks, they may use it in the future.

Name, email address, credit card details including (unbelievably) CVV.

kapton 7th Sep 2018 18:00

That is what you get when you outsource your IT department to cut wages. BA managers thought they were being smart when they made scores of experienced IT personnel redundant, and replaced them with inexperienced staff. It just goes to show that there is a lot of truth in cliches such as, when you pay peanuts you get monkeys. BA are finding out the hard way that having well-trained, loyal, well-paid staff, is better than having an outsourced company over which you have no control of standards, training and personnel. BA has learned nothing from the shambles that is outsourcing, which has created havoc in both the public and private sectors. What do BA managers care, it is only reputation, business, and ultimately jobs that are going to suffer the consequences. The managers will be long gone into the distance, business degrees in hand, when that happens.

Ex Cargo Clown 7th Sep 2018 19:29

"BA managers thought they were being smart", ultimate contradiction in terms

PAXboy 7th Sep 2018 20:11

Sadly, I can't see that changing their approach. They will continue to presume that it is someone else's fault.

Hussar 54 7th Sep 2018 20:13


Originally Posted by Ex Cargo Clown (Post 10243702)
Half a billion quid fine, so I'm hearing.


Always wondered....

Is that used to compensate 'victims' or would, in this case, BA, have to cough up for that as well ??

Only asking because there appear to be no details of who keeps the fines or what the money is used for when companies such as Microsoft, Google, HSBC, etc, get fined $ billions by different governments and statutory authorities.

Ex Cargo Clown 7th Sep 2018 20:20


Originally Posted by Hussar 54 (Post 10243827)
Always wondered....

Is that used to compensate 'victims' or would, in this case, BA, have to cough up for that as well ??

Only asking because there appear to be no details of who keeps the fines or what the money is used for when companies such as Microsoft, Google, HSBC, etc, get fined $ billions by different governments and statutory authorities.

I believe it goes back to the treasury, then it's up to individuals to sue the company. Nice use of my pension money.


All times are GMT.