Avios gone? What the BA email says

I wrote earlier this morning about the problem with BA accounts being frozen. A couple of people has asked to see the email. The text is below:

Dear Customer

British Airways has become aware of some unauthorised activity in relation to your Executive Club account.

This appears to have been the result of a third party using information obtained elsewhere on the internet, via an automated process, to try to gain access to your Executive Club account.

We understand this was login information relating to a different online service which you may have also used to access your Executive Club account.

We would like to reassure you that, although it does appear that the login attempt was successful, at this stage we are not aware of any access to any subsequent information pages within your account, including your flight history or payment card details.

We have now locked down your online account to protect it from further access. As part of the lock-down process we have also changed your password and you will need to reset it before you are able to use your account.

Please click here and follow the password reset process.

If you use the same login details for your Executive Club account as you do for your online accounts with any other organisations, we would also recommend that you change the passwords for these accounts, as well as exercising vigilance regarding any unusual or suspicious use of your personal data.

For a short period of time, as a precaution, we have also suspended the use of Avios on your account. We will let you know when this suspension period is over.

In the meantime, however, if you wish to spend your Avios please contact us via your local Executive Club service centre. We will be able to reactivate your account by asking you some additional security questions.

We are sorry for the concern and inconvenience this matter may have caused you and would like to reassure you that we are taking this incident seriously.

British Airways Executive Club team


  1. Ludicrously poorly worded email given the topic – reads like a phishing email, esp with link to password change and lack of any personal identifier in the subject line or other personal data to show it’s from BA!

    They could have done with putting a prominent message on the website too, esp at the Exec Club login page given how many folk have been locked out yet didn’t receive an email. Wording of email also unclear with many folks wrongly blaming Award Wallet as a result. I’ve no issue with them taking security measures, but they’ve not handled it as well as they could have.

Comments are closed.