(Reuters) - International Airlines Group said an investigation into the theft of customers’ data at its British Airways unit showed hackers may have stolen the personal information of a further 185,000 customers.
British Airways apologized in September after the credit card details of hundreds of thousands of its customers were stolen over a two-week period in the most serious attack on its website and app.
On Thursday BA said that it was notifying the holders of another 77,000 payment cards that the name, billing address, email address, card, payment information including card number, expiry date and security codes had potentially been compromised, and a further 108,000 without the security code.
British Airways also revised down its original estimate of 380,000 cards compromised, saying only 244,000 of those were affected.
This takes the total number of payment cards potentially affected by the hack to 429,000.
However, British Airways confirmed that it had no verified cases of fraud since the announcement on Sept. 6, adding that potentially impacted customers were only those making reward bookings between April 21 and July 28 and who used a payment card.
A BA spokeswoman told Reuters the airline would reimburse customers who suffered financial losses as a direct result of the data theft.
The attack came 15 months after the carrier suffered a computer system failure at London’s Heathrow airport, which stranded 75,000 customers over a holiday weekend.
International Airlines Group were up 2.8 percent at 581.4 pence by 1515 GMT.
Reporting by Arathy S Nair and Noor Zainab Hussain in Bengaluru; Editing by Elaine Hardcastle and David Holmes