United Kingdom fines British Airways £20m over 2018 data breach

British Airways' GDPR Fine Dramatically Reduced

The ICO finalized a fine of almost 20 million pounds ($26 million) in connection with a 2018 data breach that exposed the personal information of about 430,000 customers.

The ICO finding that the airline was processing a significant amount of personal data without adequate security measures in place is particularly damning.

"It shows the ICO means business and is not letting struggling companies off the hook for their data protection failures", he said.

"Their failure to behave was unacceptable and affected tons of of hundreds of individuals, which can have precipitated some anxiousness and misery because of this", UK Data Commissioner Elizabeth Denham mentioned in a statement, including that the 20 million-pound high quality was the most important her company has issued to this point.

After discovering the matter in 2018, the office said at the time that the fine to be imposed on British Airways would amount to about 183 million pounds sterling, but it was reduced to about 20 million pounds sterling with the hard conditions the company is going through due to the Corona epidemic.

Click to follow Telangana Today Facebook page and Twitter .

Investigators found the airline should have identified the security weaknesses which enabled the attack to take place.

In calculating the fine, the ICO took into account BA's representations in response to the original Notice of Intention to fine and additional technical information that BA submitted, together with the factors listed in Article 83 (2) of the GDPR, which include the nature, gravity and duration of the infringement, the number of data subjects affected and the damage to them, and steps taken to mitigate the impact of the incident.

British Airways has been landed with a £20mln for a data breach that saw details of 400,000 customers hacked in 2018.

"When organizations make the wrong decisions about other people's personal data, it can have a real impact on their lives".

BA was informed of the issue by a third party and notified the ICO on September 6, 2018.

British Airways said it had alerted customers as soon as it had found out about the attack on its systems.

"We are pleased the ICO recognises that we have made considerable improvements to the security of our systems since the attack and that we fully co-operated with its investigation", said a BA spokesperson.

This included the names, addresses, payment card numbers and the three digits on the back of cards of 77,000 customers, and card numbers only for 108,000 customers.

Usernames and passwords of BA employee and administrator accounts as well as usernames and PINs of up to 612 BA Executive Club accounts were also potentially accessed.

Mr Gallego is hoping to spearhead a recovery for the airline and is thought to have wanted a new face at the helm of BA, with Mr Cruz's relationship with workers, unions and politicians growing increasingly fractious.

Related:

Comments


Other news