The airline said the theft of customer data was being investigated as a matter of urgency.
The airline said in a statement on Thursday that its website and app were compromised from August 21 until 9:45 p.m. on Wednesday.
The company says its website is working properly now.
"We are 100 per cent committed to compensate them", BA chief executive Alex Cruz told BBC radio. "We take the protection of our customers' data very seriously".
BA has notified its customers and advised them to contact their bank or card providers. It immediately contacted customers when the extent of the breach became clear.
It added that no future bookings will be affected. Law enforcement has been informed about the data breach.
British Airways will pay compensation to customers whose data was been stolen by a "sophisticated" and "malicious" hacking attack, its boss said Friday (Sep 7).
The National Cyber Security Center, which is part of Britain's GCHQ security and intelligence agency, says British Airways' recent customers should consider changing their passwords for bank and credit accounts, and monitor their accounts for any suspicious transactions.
Will I have to get a new card?
The same breach also hit Sears Holdings Corp., which operates Kmart stores.
Gemma Theobald tweeted: "My bank. are experiencing extremely high call volumes due to this breach!"
Shares in BA's parent, International Airlines Group ICAG.L , fell 3 percent in early deals on Friday.
And in May 2017, serious problems with British Airways' IT systems led to thousands of passengers having their plans disrupted, after all flights from Heathrow and Gatwick were cancelled.
Email addresses, customer names, home addresses and payment card information are among the information stolen.