BA set to be fined record £183m over customer data hack
British Airways is facing a record fine of more than £183m over a customer data breach.
The airline’s boss Alex Cruz said he was “surprised and disappointed” by the penalty from the Information Commissioner’s Office (ICO).
Personal data relating to around half a million passengers was compromised during the hacking incident, according to the ICO.
A spokesman for the watchdog said the proposed £183.4m fine would be the largest it has handed out and the first to be made public since new rules came into force.
The General Data Protection Regulation (GDPR) came into force in May last year and means firms can be fined up to 4% of annual turnover for data breaches.
British Airways’ fine of £183.4m represents 1.5% of its annual turnover.
It is the largest fine issued by the ICO since it told Facebook to pay £500,000 over failures to protect user data, which was the maximum penalty at the time of the incidents.
Details of the hack – which is believed to have begun in June 2018 – were first revealed by the airline in September of that year.
The ICO’s investigation found that a variety of information was compromised by “poor security arrangements”, including log in, payment card and travel booking details as well as customers’ names and addresses.
Part of the scam involved passengers being diverted to a fake website, through which their details were harvested by the attackers.
Information Commissioner Elizabeth Denham said:
People’s personal data is just that – personal. When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience.
That’s why the law is clear – when you are entrusted with personal data you must look after it.
Those that don’t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.
British Airways responded quickly to a criminal act to steal customers’ data. We have found no evidence of fraud/fraudulent activity on accounts linked to the theft.
We apologise to our customers for any inconvenience this event caused.”
Willie Walsh, boss of British Airways’ parent company International Airlines Group, said:
British Airways will be making representations to the ICO in relation to the proposed fine. We intend to take all appropriate steps to defend the airline’s position vigorously, including making any necessary appeals.
Shares in IAG were down as much as 1.95% in early trading on Monday, at one point hitting a low of 447.6p.
We know everyone is suffering under the Tories - but the Canary is a vital weapon in our fight back, and we need your support
The Canary Workers’ Co-op knows life is hard. The Tories are waging a class war against us we’re all having to fight. But like trade unions and community organising, truly independent working-class media is a vital weapon in our armoury.
The Canary doesn’t have the budget of the corporate media. In fact, our income is over 1,000 times less than the Guardian’s. What we do have is a radical agenda that disrupts power and amplifies marginalised communities. But we can only do this with our readers’ support.
So please, help us continue to spread messages of resistance and hope. Even the smallest donation would mean the world to us.
Leave a ReplyYou must be logged in to leave a comment.Join the conversation
Please read our comment moderation policy here.