British Airways tells 35,000 staff their data was hacked

British Airways told its staff of around 35,000 that their personal information may have been compromised in a cyberattack on the airline’s payroll provider, in the latest technology setback for the UK airline.

The hack of payroll provider Zellis led to the disclosure of employees’ personal information, including names, surnames, dates of birth as well as potentially banking details, according to a BA spokesperson.

The data theft adds to a string of technology glitches afflicting British Airways. Last month, a computer outage forced IAG SA’s flagship carrier to cancel hundreds of flights. Group Chief Executive Officer Luis Gallego said earlier Monday that IAG’s tech issues are fixable “but it’s going to take time.” 

IAG is investing huge amounts in its tech infrastructure, Gallego said at the annual International Air Transport Association general meeting in Istanbul.

The most recent incident occurred through the file transfer tool of one of Zellis’s third-party suppliers, called MOVEit, BA said.

“Our data protection team is working closely with IAG’s Group Security Operations Centre to ensure the containment of the issue and to mitigate any misuse of information,” the airline said.

The Telegraph reported earlier that BA was affected, as well as drugstore chain Boots.