British Airways published an update regarding the September 6 data breach incident, saying that the hackers may have stolen the personal and banking info of some extra 185,000 customers, on top of the 380,000 estimated initially.
"In addition, from the investigation we know that fewer of the customers we originally announced were impacted. Of the 380,000 payment card details announced, 244,000 were affected," says British Airways' press release.
The new information has been unearthed following an ongoing investigation by specialist cyber forensic investigators and the National Crime Agency.
British Airways also said in their update that they "are notifying the holders of 77,000 payment cards, not previously notified, that the name, billing address, email address, card payment information, including card number, expiry date and CVV have potentially been compromised, and a further 108,000 without CVV."
The 185,000 customers who had their private information compromised were those who used a payment card to make reward bookings from April 21 to July 28, 2018.
An extra 77K customers had their private and banking info stolen together with their payment cards' CVV code
Although British Airways has no irrefutable proof that the hackers behind the attack have exfiltrated the accessed data to one of their servers, the airline is "taking a prudent approach in notifying potentially affected customers, advising them to contact their bank or card provider as a precaution."
According to the airline, only customers that will receive a notification saying that their data has been compromised by Friday 26 October at 17:00 GMT is part of the newly discovered wave of stolen data.
All customers that were affected by the hack will be reimbursed by the British Airways airline, and they will also receive credit rating monitoring services to avoid any credit rating issues.
As discovered on September 11 by RiskIQ's Yonathan Klijnsma, the British Airways data breach which exposed the payment card details of around 380,000 customers is the work of the Magecart cybercriminal group.