British Airways Facing £183M Fine Over Hack

British Airways IT Failure Caused Online Outage

British Airways is to be handed record fine amounting to 1.5% of its worldwide turnover in 2017 due to a hack that took place at the end of last year. 

Following a major customer data breach last September, the Information Commissioner’s Office (ICO) has announced it plans to fine the airline more than £183 million under the new Data Protection Act.

This is the largest penalty ever dolled out, roughly 367 times as high as the previous record, and the first to be made public under the new rules, according to the watchdog.

Previously, the largest penalty issued (£500,000) was imposed on Facebook for its part in the Cambridge Analytica data scandal. At the time that figure was the maximum fine permitted before the new General Data Protection Regulation (GDPR) came into effect.

Recommended

Willie Walsh, CEO of International Airlines Group, British Airways’ (BA) parent company has said the organisation will “defend the airline’s position vigorously, including making any necessary appeals”.

The company now has 28 days to appeal the ICO’s decision. Potentially, had the ICO imposed the highest penalty of 4% of turnover, BA would have faced a fine approaching £500m.

In September 2018, British Airways’ chairman and chief executive, Alex Cruz disclosed that the airline had been the victim of “a very sophisticated, malicious attack,” which saw the personal and financial details of around 500,000 of its customers lifted by hackers.

Information Commissioner Elizabeth Denham said: “People’s personal data is just that – personal. When an organisation fails to protect it from loss, damage or theft, it is more than an inconvenience.

“That’s why the law is clear – when you are entrusted with personal data, you must look after it. Those that don’t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.”

According to the ICO, the breach was due to poor security measures at BA, including login, payment card, and travel booking details as well as name and address information.

BA’s chairman and chief executive, Alex Cruz said of the initial finding that he was “surprised and disappointed”. “British Airways responded quickly to a criminal act to steal customers’ data. We have found no evidence of fraud/fraudulent activity on accounts linked to the theft. We apologise to our customers for any inconvenience this event caused,” he said.

 

 

 

 



Latest News

Digital Diversity News
Digital News
19th July 2019

DIGIT Tech News Roundup: 19th of July 2019

News Recruitment
Fintech News
19th July 2019

Edinburgh’s FNZ Snaps Up Wealth Management Firm Ebase