Tag Archives: online security

So British Airways Sent Me An Email Saying My Account Was Compromised…

And this was their explanation:

This appears to have been the result of a third party using information obtained elsewhere on the internet, via an automated process, to try to gain access to your Executive Club account.

We understand this was login information relating to a different online service which you may have also used to access your Executive Club account.

This is complete BS. While yes, I realize that it’s common for people to reuse passwords, I use a password manager to generate unique passwords for each of my online accounts, so it’s impossible for “login information relating to a different online service” to have provided access to my British Airways account (well, okay, it’s not completely impossible, but I can’t imagine that there’s an underlying predictability in the randomness of the passwords generated by my password manager that allowed hackers to generate the password that I would have used for my BA account).

Of course, it’s much more convenient for them to blame someone else rather than admitting that they themselves were hacked, which is what they’re doing.

Two thoughts on online security:
1) You really should use a password management system. Reusing passwords is kinda a big deal. It can’t always help you (like in this case), but it does give me confidence that none of my other online accounts were hacked since I haven’t used my BA password for any other accounts.
2) You should use two-factor authentication for any service that offers it. For example, email, Twitter, Facebook, financial accounts, etc.

Okay, I’m done preaching and ranting.