1 min read

ICO to fine British Airways £183.39 million under GDPR over 2018 breach

Filip TRUȚĂ

July 08, 2019

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
ICO to fine British Airways £183.39 million under GDPR over 2018 breach

The UK”s Information Commissioner”s Office intends to fine British Airways £183.39 million over a breach that compromised the personal data of some 500,000 customers.

In October of 2018, the self-touted “world”s favorite airline” announced it had fallen victim to an embarrassing cyber attack that exposed hundreds of thousands of customer records. The attack lasted more than two weeks before IT staff discovered something was amiss. An investigation later confirmed the number of affected accounts was 500,000, much higher than originally estimated. The attack was attributed to the Magecart group, which infected British Airways” official website with malicious code designed to steal users” credit card data when purchasing plane tickets.

After a more extensive investigation commissioned by the ICO, British Airways now stands to cough up £183.39 million (204 million EUR / 230 million USD) in penalties under the EU”s General Data Protection Regulation (GDPR).

“The ICO”s investigation has found that a variety of information was compromised by poor security arrangements at the company, including log in, payment card, and travel booking details as well name and address information,” the ICO statement reads.

The notice also includes a statement from Information Commissioner Elizabeth Denham, who said:

“People”s personal data is just that – personal. When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience. That”s why the law is clear – when you are entrusted with personal data you must look after it. Those that don”t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.”

British Airways has 28 days to appeal the ICO”s claim. The ICO says it will consider the airline”s representations, as well as claims made by other data protection authorities concerned, before it declares its decision final.

tags


Author



Right now

Top posts

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

Crypto Exchange Finds Location Data on Hacker, Recovers Some Stolen Funds Crypto Exchange Finds Location Data on Hacker, Recovers Some Stolen Funds
Silviu STAHIE

October 04, 2022

2 min read
German Police Arrest Three People Accused of Running Massive Phishing Campaign German Police Arrest Three People Accused of Running Massive Phishing Campaign
Silviu STAHIE

October 03, 2022

1 min read
Prison for ex-eBay staff who aggressively cyberstalked company's critics with Craigslist sex party ads and funeral wreaths Prison for ex-eBay staff who aggressively cyberstalked company's critics with Craigslist sex party ads and funeral wreaths
Graham CLULEY

September 30, 2022

2 min read