Got something to say or just want fewer pesky ads? Join us... 😊

[Misc] BA hacking, anyone had their card used fraudulently since?



Icy Gull

Back on the rollercoaster
Jul 5, 2003
72,015
Here you go https://www.badatabreach.com

This has been plaster across the various media outlets, SPG specialise in group/class action lawsuits again big companies.

OK so I went online and answered two questions. 1) Do you think you have been a victim of the BA data breach? I answered yes.

2) Have you received an email from BA notifying that you have been a victim. I answered No

Apparently I am not eligible

I used my card on BA a few times at the end of August and have now, for the first time ever, had fraudulent activity on the card

How can I not be eligible, just because BA haven’t bothered to notify me? Obviously I cannot be certain my information was compromised on the BA site but it’s one hell of a coincidence.
 




SeagullSarge

Active member
Jul 8, 2012
230
We're all a bit pissed off about it, but what personal impact/loss have you suffered that personal financial compensation will mitigate ? They will be held accountable for their actions - the ICO will be all over them

My personal details and bank details have been stolen by criminals, all Information I trusted BA with. Its not about financial loss, its holding BA accountable for their actions in the only way they will understand. The ICO may well be all over them, but how does this compensate for hassle, anguish and time their customers have had to take to sort this mess out, individually the amount which could be potentially compensated is not a lot, collectively it will make BA sit up and take notice.
 


Rugrat

Well-known member
Mar 13, 2011
10,224
Seaford
Revolut (and I assume others now) have a virtual card. It means that every time you use the card online the number changes (basically generates a random number for online only)

Good way to avoid fraud although I guess the bad guys will figure it out even before the laggard banks introduce it
 


dazzer6666

Well-known member
NSC Patron
Mar 27, 2013
55,603
Burgess Hill
My personal details and bank details have been stolen by criminals, all Information I trusted BA with. Its not about financial loss, its holding BA accountable for their actions in the only way they will understand. The ICO may well be all over them, but how does this compensate for hassle, anguish and time their customers have had to take to sort this mess out, individually the amount which could be potentially compensated is not a lot, collectively it will make BA sit up and take notice.

Stolen by criminals...........but hold BA accountable....bit of a contradiction, but agree BA should have done more to protect the data. You haven't claimed to have suffered any actual loss though ? Still sounds like the main objective is getting some cash out of them.............
 


Official Old Man

Uckfield Seagull
Aug 27, 2011
9,117
Brighton
Don't get me started on cards. Few years back a £75 sale appeared on my statement for flowers. As my usual purchase is £4.99 from a petrol station, my wife started divorce proceedings straight away! Also just received a new card due to using ticketmaster. What a pain having to change all online details.
About ten years back I watched my card get 'swiped' through a second machine. Called my bank immediately.
 




SeagullSarge

Active member
Jul 8, 2012
230
Stolen by criminals...........but hold BA accountable....bit of a contradiction, but agree BA should have done more to protect the data. You haven't claimed to have suffered any actual loss though ? Still sounds like the main objective is getting some cash out of them.............

Max compensation would be around £650 per person, for me that is not a lot of money so I reject you claim I am just after some cash. The details were stolen by criminals (not really sure what else you can call them, can you think of a better tag considering what they did is a criminal activity?), but BA are fully responsible for their customers data handling and storage which they did not manage. I struggle to see the contradiction here? If you read my post I made it quite clear that the compensation would be for "hassle, anguish and time their customers have had to take to sort this mess out", any financial loss is already covered by your bank/BA.
 


dadams2k11

ID10T Error
Jun 24, 2011
5,024
Brighton
2 things come to my mind.

1) How do these people use the cards without getting caught? Surely there is CCTV in stores to capture the transactions and then CCTV around the streets. After all, we are the most watch country.

2) Why the f8ck have these big companies not got in house Pen Tester? Makes no sense what so ever with all the cyber crime going on. You can hire one from £50k pa.
 


Icy Gull

Back on the rollercoaster
Jul 5, 2003
72,015
2 things come to my mind.

1) How do these people use the cards without getting caught? Surely there is CCTV in stores to capture the transactions and then CCTV around the streets. After all, we are the most watch country.

This was about capturing the card number, name, expiry date and CVC then using it online not in a shop I think


I am curious about how they take delivery, I mean your not going to steal info and have parcels sent to your home address are you?
 




dazzer6666

Well-known member
NSC Patron
Mar 27, 2013
55,603
Burgess Hill
This was about capturing the card number, name, expiry date and CVC then using it online not in a shop I think


I am curious about how they take delivery, I mean your not going to steal info and have parcels sent to your home address are you?

I had my card cloned once, was used to buy air and rail tickets in Eastern Europe (multiple countries). Barclaycard picked it up pretty quickly and called me to say they'd blocked the card due to 'unusual activity'. I guess anyone can buy an air ticket for anyone else, but suspect the flight has been taken by the time they get round to investigating it (if they can even be bothered - there's a de minimis amount I suspect where it's simply not cost effective and the card companies just see it as a cost of doing business

I guess with home delivery it's stolen card details, delivering to false names at perhaps temporary addresses.....when and if it gets investigated, police turn up at the house and ask for the addressee of the parcel, all the person there needs to do is say 'no one here by that name' and they're pretty stuffed really.
 


Dorset Seagull

Once Dolphin, Now Seagull
This was about capturing the card number, name, expiry date and CVC then using it online not in a shop I think


I am curious about how they take delivery, I mean your not going to steal info and have parcels sent to your home address are you?
On your 2nd point, many years ago we had some towels delivered by Very. We didn’t have a Very account so rang them about it. It seems someone had stolen the wife’s identity somehow and ordered the towels. It turns out the fraudsters will have a small value delivery to the correct home address and then on a more expensive value delivery get the delivery address changed to somewhere else. Can’t remember the full details now but I think they followed up the original order with an order for a couple of iPods or something which were delivered to an address in London
 


swindonseagull

Well-known member
Aug 6, 2003
9,406
Swindon, but used to be Manila
I wondered why my Virgin card was being refused yesterday and this morning. Virgin let me know that they were replacing my card about two days after the hacking came to light. I thought it was a little irritating but could see the reasoning.

I was told my old card would work for another two weeks and would be cancelled as soon as I used the new one, which I only received yesterday.

Over the last couple of days I have had my card refused so figured that Virgin had cancelled it early. Went on today to activate the new card to find some See you next Tuesday from the Mansfield area had used my card to buy shoes and clothes. As I don’t shop in Mansfield and I haven’t ordered any clothes or shoes on my card it came as a bit of a shock.

Full marks to Virgin for stopping the card when they spotted unusual activity on my card as it turns out the little scrote had tried the card in a number of shops online since yesterday. Virgin have agreed to refund the items which didn’t really come to that much, so all good there.

Anyone else on here been done?.

This is a first for me.

Had to change my Virgin Credit Card and a debit card but so far no unsual activity.

virgin and my bank had no problems changing the cards especially as the 3 numbers on the back were compromised..
 




Horton's halftime iceberg

Blooming Marvellous
Jan 9, 2005
16,491
Brighton
Used my AMEX issued by LLoyds to buy flights. They have not cancelled and so far nothing.

Has anyone managed to log into the free Experian (I know the irony) service with the free code sent out by BA. If I try it just takes me to a payment page with no where to enter the free code.
 


Horton's halftime iceberg

Blooming Marvellous
Jan 9, 2005
16,491
Brighton
This site complied this list from its users coments.

https://www.flyertalk.com/forum/bri...igating-theft-personal-financial-data-64.html

American Express - A recorded message says they are aware of the breach, there is no need to take any further action and if you suffer any financial loss you will be fully compensated; an email says: "There is no action you need to take – we will contact you immediately if there's any unusual activity with your Account. In the meantime you can continue to use your Card as normal" (see post 293, post 401, post 470 and post 491).
Barclaycard - They just assured me I was fully protected, and I didn't need to do anything yet (see post 253); however at 18.20 on 7/9/18 the customer service helpline automated message says that affected cards are being reissued (see post 511).
Barclays Bank - They have contacted people they believe to have been affected, and have blocked their cards from online use (website/app), but the cards remain valid for physical (chip & PIN) transactions in shops, ATMs etc. New cards being dispatched "within a week" (see post 918).
Capital One - online transactions being blocked, new cards being issued (see post 493).
HSBC Premier Mastercard - Offering customers the option to freeze the card or replace it with a new card (see post 274).
Lloyds - Said "wait and see", but did give the option to cancel the card and have it reissued (see post 403).
Lloyds Mastercard - Based on the information they have, fraudulent use of my card is unlikely, just keep an eye on online banking and report anything suspicious (see post 370).
Monzo - Automatically replacing all cards (see post 371).
Natwest- Of the opinion that as there had been no fraudulent activity on my account to just keep an eye on things, and to call immediately if any suspicious transactions appear and fraud team would refund (post 315).
Sainsburys Bank - seem to be replacing all cards proactively (see post 968)
Starling - Automatically replacing cards (see post 460).
Tesco Bank - Pro-actively sending a new card as per details in this post (post 484)
TSB - Call the Telephone Banking Team on 03459 758758 to discuss further (see post 437).
Vanquis - online transactions being blocked, new cards being issued (see post 493).
 


swindonseagull

Well-known member
Aug 6, 2003
9,406
Swindon, but used to be Manila
OK so I went online and answered two questions. 1) Do you think you have been a victim of the BA data breach? I answered yes.

2) Have you received an email from BA notifying that you have been a victim. I answered No

Apparently I am not eligible

I used my card on BA a few times at the end of August and have now, for the first time ever, had fraudulent activity on the card

How can I not be eligible, just because BA haven’t bothered to notify me? Obviously I cannot be certain my information was compromised on the BA site but it’s one hell of a coincidence.

Reference question 2.....have you received any emails from BA saying your details may have been stolen?
So far I have received about 3 emails including a years free membership of Equifax.

Are those emails not enough to say you have been a 'victim'? after all how would BA know if your card has been fraudulently used?
 




Horton's halftime iceberg

Blooming Marvellous
Jan 9, 2005
16,491
Brighton
Used my AMEX issued by LLoyds to buy flights. They have not cancelled and so far nothing.

Has anyone managed to log into the free Experian (I know the irony) service with the free code sent out by BA. If I try it just takes me to a payment page with no where to enter the free code.

Just seen this post on the same thread

The email from BA gives you a personal "Activation Code".

However, when you get to the signup forms for ProtectMyID, you put the code into the second page of the sign up form in the "Promotional Code" field.


Note: you do need to supply a Visa or Mastercard number below the Promo code - but this is to check your ID and not to charge you.
 


swindonseagull

Well-known member
Aug 6, 2003
9,406
Swindon, but used to be Manila
Just seen this post on the same thread

The email from BA gives you a personal "Activation Code".

However, when you get to the signup forms for ProtectMyID, you put the code into the second page of the sign up form in the "Promotional Code" field.


Note: you do need to supply a Visa or Mastercard number below the Promo code - but this is to check your ID and not to charge you.

My free experion went through OK im just waiting for the PIN thats supposed to arrive in the post to activate the account.
 


This site complied this list from its users coments.

https://www.flyertalk.com/forum/bri...igating-theft-personal-financial-data-64.html

American Express - A recorded message says they are aware of the breach, there is no need to take any further action and if you suffer any financial loss you will be fully compensated; an email says: "There is no action you need to take – we will contact you immediately if there's any unusual activity with your Account. In the meantime you can continue to use your Card as normal" (see post 293, post 401, post 470 and post 491).
Barclaycard - They just assured me I was fully protected, and I didn't need to do anything yet (see post 253); however at 18.20 on 7/9/18 the customer service helpline automated message says that affected cards are being reissued (see post 511).
Barclays Bank - They have contacted people they believe to have been affected, and have blocked their cards from online use (website/app), but the cards remain valid for physical (chip & PIN) transactions in shops, ATMs etc. New cards being dispatched "within a week" (see post 918).
Capital One - online transactions being blocked, new cards being issued (see post 493).
HSBC Premier Mastercard - Offering customers the option to freeze the card or replace it with a new card (see post 274).
Lloyds - Said "wait and see", but did give the option to cancel the card and have it reissued (see post 403).
Lloyds Mastercard - Based on the information they have, fraudulent use of my card is unlikely, just keep an eye on online banking and report anything suspicious (see post 370).
Monzo - Automatically replacing all cards (see post 371).
Natwest- Of the opinion that as there had been no fraudulent activity on my account to just keep an eye on things, and to call immediately if any suspicious transactions appear and fraud team would refund (post 315).
Sainsburys Bank - seem to be replacing all cards proactively (see post 968)
Starling - Automatically replacing cards (see post 460).
Tesco Bank - Pro-actively sending a new card as per details in this post (post 484)
TSB - Call the Telephone Banking Team on 03459 758758 to discuss further (see post 437).
Vanquis - online transactions being blocked, new cards being issued (see post 493).

Tesco credit card stopped working while we were on holiday. Got back last night and contacted them first thing, was told we had been sent a new card.

Couple of things:

The new card has indeed arrived, sadly it arrived the day we flew out.

I've never used BA for anything.

Subsequent communication has revealed there has been another breach but Tesco Bank won't tell us who it was.
 


dazzer6666

Well-known member
NSC Patron
Mar 27, 2013
55,603
Burgess Hill
Tesco credit card stopped working while we were on holiday. Got back last night and contacted them first thing, was told we had been sent a new card.

Couple of things:

The new card has indeed arrived, sadly it arrived the day we flew out.

I've never used BA for anything.

Subsequent communication has revealed there has been another breach but Tesco Bank won't tell us who it was.

These kind of breaches are really quite common.....only the catastrophic ones get made public.....
 




thedonkeycentrehalf

Moved back to wear the gloves (again)
Jul 7, 2003
9,358
...which is a bit of a pain where I have it stored with online retailers. Although given the increasing number of hacks on large companies who really should have more secure sites I'm now very reluctant to agree to store my card details to make future purchases easier,

I know it is convenient but you should try to avoid storing cards online where possible as that only increases your risk of being compromised. In the BA case it wouldn't have made any difference but is good practice.
 


pastafarian

Well-known member
Sep 4, 2011
11,902
Sussex
If your card is fraudulently used, there really is no need to panic or worry - replacement cards and full refunds will usually be very quick as [MENTION=33885]Badger Boy[/MENTION] states - card issuers get slaughtered by regulators for not dealing with things like this rapidly.

My sister has had her card used fraudulently from this data balls up.It was cleared up very quickly though, new card issued and refunds given. She has just found out though her credit rating has taken a big knock since and as yet doesnt know if it is related.
 


Albion and Premier League latest from Sky Sports


Top
Link Here