-
Searched but couldn’t see any other similar posts. Typing this from living room in England, but “My Trips” is showing a flight from MIA to LHR on 24th Feb. The outbound was flown on 20th Jan.
Looking in Manage My Booking, there’s 2 people on that flight – neither of whom I know
Initial concern was being hacked, but no balance change so I was originally coming on to see if it was a website bug, except… it appears the second passenger has an Iberia Frequent Flyer number identical to my BAEC number (showing them as IB 12345678 vs my BA 12345678). I can see their names / membership numbers / PNR
I can’t quite figure out how its been linked to my account? Something behind the scenes gone wrong?
That’s a serious data protection issue. You need to file a formal complain with BA, I’d also file a similar complaint with the ICO telling them that BA have revealed a third party’s personal information to you.
It’s abysmal web coding/testing.
Yeah, I’ve submitted it to the BA Data Protection Officer via. their onetrust website (which hasn’t been designed for these kind of complaints at all) – will see what comes back.
BA website not currently working for me, but I took a few screenshots earlier so sent them through
You should also call BAEC about this.
Tell the agent you want these flights removed from your account by them removing the incorrect membership number.
The real passenger may also be wondering why their flights aren’t showing in their IB account and why they haven’t earned any IB avios and TPs
Definitely go to the ICO.
I had someone else’s full information sent to me in an email from Egypt Air.Definitely go to the ICO.
I had someone else’s full information sent to me in an email from Egypt Air.Bit reluctant as I went to the ICO a few months ago about a large organisation ignoring requests to amend incorrect data… heard nothing back at all – very disappointing
How was your experience?
Definitely go to the ICO.
I had someone else’s full information sent to me in an email from Egypt Air.For what reason and with what purpose should the OP go to the ICO? It will waste various people’s time (including the OP’s, and they probably have better uses of that time) but not Amadeus/BA’s , result in no action and on the scale of what the ICO deals with, maybe a 2/10 at best. These regulators are under a lot of pressure and their time should be left for those suffering real data protection issues.
People and organisations are allowed to make mistakes. Do you want to be reported for your every minor transgression or mistake by some busybody?
It is of course a modern disease that certain people love to take offence or complain endlessly about nothing. Fortunately it can be treated with a large dose of common sense.
Agree with JBD , don’t automatically think of it as a complaint, think of it as alerting BA to a problem that they should fix or it might cause problems in the future. They might even thank you for it.
Email executive club as a someone trying to help, you may get a thank you and a future useful contact.
I’m surprised nobody has suggested waiting until AFTER the Avios and TPs for that flight hit your account to report it. 😉
So this moved quite quickly initially…
Paraphrasing:
– BA have identified an issue and stopped the records from appearing.
– They don’t feel any personal data has been breached.
– I’ve asked them to clarify how the issue occurred… All gone quiet since then
So this moved quite quickly initially…
Paraphrasing:
– BA have identified an issue and stopped the records from appearing.
– They don’t feel any personal data has been breached.
– I’ve asked them to clarify how the issue occurred… All gone quiet since then
… if the bug impacted more accounts than just yours, and let’s face it it very likely did, then they may be reluctant to talk about what happened. The breach is material if widespread — people’s travel plans are sensitive for various reasons, not least potentially making them targets for crime.
- You must be logged in to reply to this topic.
Popular articles this week:
