British Airways discovered an additional 185,000 customer payment cards had been compromised while investigating an earlier data breach that affected 380,000 customers.
The airline said of the 185,000 exposed payment cards 77,000 of the records contained the holder’s name, billing address, email address, card payment information, including card number, expiration date and CVV. The remaining 108,000 had all the same information endangered except the CVV number, British Airways said in a statement.
Investigators cannot say for certain whether any of the exposed information has been accessed by unauthorized personnel, but the airline is contacting all the card owners out of an abundance of caution.
The company also had an update on the original breach saying it was not as severe as originally believed.
“In addition, from the investigation we know that fewer of the customers we originally announced were impacted. Of the 380,000 payment card details announced, 244,000 were affected,” the company said.
The airline said the new information was revealed while it was continuing its research, in conjunction with the UK National Crime Agency, into the original breach was reported on September 6.