News and resources on cyber and physical threats to banks and fintechs worldwide.
British Airways faces £183m fine over data breach

British Airways faces £183m fine over data breach

British Airways faces a record £183.39 million fine for a data breach last year that compromised the personal information - including payment card details - of hundreds of thousands of people.

The Information Commissioner's Office (ICO) says it intends to fine BA for infringements of the General Data Protection Regulation (GDPR), criticising the firm for "poor security arrangements".

The breach saw users of BA's website diverted to a fraudulent site, through which details of about half a million people were harvested.

Credit card numbers, expiry dates and CVV codes were all taken, along with names, addresses and travel booking information.

Information Commissioner Elizabeth Denham says: "People’s personal data is just that - personal. When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience.

"That’s why the law is clear - when you are entrusted with personal data you must look after it."

BA chief executive Alex Cruz says the airline is "surprised and disappointed" by the ICO finding. It has 28 days to appeal.

Comments: (1)

David Gyori
David Gyori - BANKING REPORTS, LONDON - London 08 July, 2019, 17:01Be the first to give this comment the thumbs up 0 likes

The fine is probably very well deserved. I am curious how this will change after appeal.