In September, British Airways discovered an ongoing malicious attack on their website which had begun towards the end of August. The attack resulted in the personal and payment information of affected customers being compromised.

British Airways did not reveal details on the nature of the attack, but security researchers later discovered that it was caused by credit card skimming malware injected onto the website, targeting the airline's payment web-app. Initial estimates were that 380,000 records were caught in the breach, but British Airways later lowered this to 244,000. However, it later emerged that a further 185,000 customers were potentially at risk.

Security firm RiskIQ claims that the MageCart hacking group - which specializes in stealing bank card details - compromised and altered the Modernizr JavaScript library that was loaded from the baggage claim information page of the British Airways website. (_Source:

https://www.immuniweb.com/blog/top-ten-application-security-databreaches-2018.html)

1. Analyze at least two security risks and privacy issues in British Airways using your expert knowledge and identify countermeasures to address the issues.

Ans: The two security risks that are

1.2Investigate the types of attacks that the opportunist may have conducted.