BA Data Breach Could Have Been Prevented by Web Application Firewalls
Web application firewalling would have protected against unauthorized data exposure if configured correctly
7 September 2018 – Following the announcement by British Airways that details of 380,000 payment cards and other personal data had been stolen from its website, Link11 stated that the breach could have been prevented by correctly configured web application firewalling (WAF) protecting the British Airways website.
British Airways confirmed that enough information was stolen from its website to allow criminals to use credit card information for illicit purposes. The data stolen includes customers’ names, addresses, email addresses and credit card information including the card number, expiration date and the three-letter security code on the back of the card.
According to Link11’s regional director for UK & Ireland, Aatish Pattni: “The attack on BA's website happened over a 15-day period so it's likely the criminals were stealthily exploring BA's site and systems for vulnerabilities that they could exploit. It is likely the theft could have been prevented with the use of web application firewalling, which inspects and filters traffic on websites. This means it can stop data theft, and prevent commonly-used website attacks such as SQL injection and cross-site scripting.
“It seems that BA may not have had this protection in place, or it wasn't configured correctly – but the result is the largest data breach in the UK since GDPR came into effect, which could have further ramifications for BA. With solutions such as Link11’s, companies can have always-on protection to stop these types of breaches happening.”
Link11's cloud-based Web Application Firewall (WAF) service is an add-on to the company’s cloud-based Web DDoS Protection. It protects web applications and APIs against all common web application threats, and against unauthorized data exposure, fraud or theft. Mission-critical applications that rely on storing user data get complete protection against all common web application threats and attacks with a single solution.
“Even well-accepted security standards such as PCI DSS recommend that organizations deploy a Web Application Firewall. Every enterprise is a potential target for data theft and needs to protect their mission critical web applications, services and APIs,” added Pattni.