British Airways has confirmed that up to 400,000 card payments were hacked, after a two-week data breach compromised the personal and financial information of the company’s clients. The criminal activity took place between August, 21st and September, 5th, during which time customers were making their bookings online through the company’s website and mobile app.
The company announced that the stolen data included names, addresses, email addresses, and sensitive card details. British Airways advised those who might have been affected to contact their banks and take the necessary safety measures for their bank accounts.
The hackers are believed to have used a “cross-site scripting” attack, where a poorly secured web page component was first identified and then corrupted with a special code to alter the victim site’s behavior. The cyberattack did not involve invading the organization’s servers, which is why hackers were only able to access information submitted during a specific timeframe.
The incident shows the real dangers centralized networks, such as the one British Airways has in place, are exposed to. Unfortunately, this is not an isolated event, since, at the end of August this year, cybercriminals had corrupted Air Canada’s database to retrieve passport numbers and other information from approximately 20,000 users.
How many of these breaches will it take for large companies to acknowledge the need for a decentralized structure for information storage?
A centralized platform allows system administrators and other parties to delete, change or even transmit data to third parties. When using blockchain technology obtaining the consent of the nodes for operating any data is contingent on having the request validated. Decentralized data processes without the need for a central server or administrators. The users confirm the information on the shared ledger, and in this way, all possible risks related to data breaches are eliminated.
Let’s suppose that British Airways just stores the information of customers who will fly soon. The blockchain stores all info including earlier entries in such a way that data is never stored in one place, but shared with the network at once, thus making it impossible to disclose it without the users’ consent.
The biggest problem with the British Airways’ breach was that data was centralized, making it easy for hackers to infringe such an architecture. Using a blockchain immediately eliminates the likelihood of a cyberattack as the information is held on a decentralized network. The blockchain exists on the consensus of a majority of users verifying transactions that are set up according to the network’s configuration. One can see it as a self-auditing system, where it is nearly impossible to corrupt and alter any block on the ledger.
Blockchain’s role as a shared, decentralized digital ledger has the potential to enable a more accurate personal information storage. In the future, by employing the advanced technology of the blockchain such data breaches as the one British Airways recently experienced can become a lesson of the past.