British Airways has released information regarding the hacking of a number of their Executive Club (BA’s frequent flyer programme) member’s accounts. Unlike many recent hacks, this is not about someone gaining access to BA’s systems but rather a failing by many of their customers to follow good password practice. The underlying story here is that hackers have targeted a third-party system, as yet undisclosed, and appear to have harvested usernames and passwords which have then been used to gain access to the Executive Club site. BA have taken steps to reset the passwords on the compromised accounts and have already contacted the affected customers. BeyondTrust, as a leading security vendor, would advise users to take steps to ensure they are not reusing old passwords or passwords used elsewhere. There are many end-user products that can help by managing those passwords for you, generating new, unique passwords also automatically completing login forms for you. All secure and all ensuring that you aren’t using the same password for multiple sites.
Like all security, your safety on the internet is only as good as the weakest link. As users both in the office and on the internet, it’s important that we understand that we are as much responsible for the security of our data as those companies we entrust with it. Make sure you don’t reuse passwords and make sure each password you use is unique. It’s not difficult and the tools out there help you do it in a simple, secure manner.
