British Airways' summer of failure

Image: iStock
Image: iStock

The news that British Airways suffered an enormous data breach affecting almost 400,000 customers including personal and financial details is just the latest in a series of IT chaos that has plagued the airline this summer. Just what is going on at BA?

Share

The news that British Airways suffered an enormous data breach affecting almost 400,000 customers including personal and financial details is just the latest in a series of IT chaos that has plagued the airline this summer. Just what is going on at BA?

Last year an enormous IT failure caused by a power supply problem near Heathrow stranded as many as 75,000 customers over a holiday weekend. Although chief executive Alex Cruz faced calls to resign he refused but apologised at the time while committing to an investigation into the serious systems failure, describing it to Sky News as "catastrophic".

Trade union GMB quickly responded to the incident and said that the "disastrous" failure could have been avoided had BA not outsourced a number of IT staff to a third party in India.

It wasn't long before BA and its IT issues were in the news again.

Roughly a year later in July 2018, another enormous IT failure forced the airline to cancel and delay flights. It blamed a "supplier" for the problem. Users railed against BA online, who then found - astonishingly - that its social media team was asking users to send personal information via direct message on Twitter, described variously at the time as an enormous "fail" and "quite the opposite of GDPR compliance".

Official BA accounts tweeted users to confirm their full name and booking reference plus passport numbers, expiry date, billing addresses, postcodes, and email addresses, as well as the last four digits of their payment cards - "to comply with GDPR".

Could this have anything to do with the latest in a string of disasters at the beleaguered airline?

According to chief executive Alex Cruz, who was forced to apologise again, BA suffered a "sophisticated, malicious criminal attack". Personal and financial details were stolen relating to roughly 380,000 transactions. That travel or passport details did not appear to be stolen might prove some relief to the businesses' many affected customers.

This breach took place between 21 August and 5 September but was only recently discovered.

"We're extremely sorry," said Cruz on the BBC's Today programme. "I know that it is causing concern to some of our customers, particularly those customers that made transactions over BA.com and app.

"We discovered that something had happened but we didn't know what it was [on Wednesday evening]. So overnight, teams were trying to figure out the extent of the attack."

Customers were notified Thursday night. And the Information Commissioner has also been alerted, according to BA.

Of course, it's not surprising that a company with enormous amounts of valuable customer data is targeted by hackers, and the reporting of the incident seems to be in order.

But what does this all mean together?

Are these astonishing failures all merely a series of unfortunate events - or do they speak to British Airways' operational competency itself? And how many more apologies will CEO Alex Cruz have to issue in the coming years?

"Recommended For You"

British Airways notifies frequent flyers of possible breach of their accounts Forrester Forum: BA CIO apologises for T5 debacle