A cyber-security firm has said it found malicious code injected into the British Airways website, which could be the cause of a recent data breach that affected 380,000 transactions. A RiskIQ researcher analysed code from BA's website and app around the time when the breach began, in late August. He claimed to have discovered evidence of a "skimming" script designed to steal financial data from online payment forms. BA said it was unable to comment. A very similar attack, by a group dubbed Magecart, affected the Ticketmaster website recently, which RiskIQ said it also analysed in depth. The company said the code found on the BA site was very similar, but appeared to have been modified to suit the way the…