UK’s Information Commissioner’s Office (ICO) has slapped a massive £183 million fine on British Airways for the breach under General Data Protection Regulation (GDPR).
The ICO carried out an extensive investigation into the cybersecurity incident which affected as many as 500,000 British Airways customers. The incident took place on September 2018, when a fraudulent website was used to harvest customer details. The attack is believed to have begun in June 2018.
ICO’s information revealed that the personal data of British Airways customers had been compromised due to poor security arrangements. The data compromised included the login, payment card, name, address information, and travel booking details.
The Information Commissioner Elizabeth Denham said: “People’s personal data is just that – personal. When an organization fails to protect it from loss, damage or theft it is more than an inconvenience. That’s why the law is clear – when you are entrusted with personal data you must look after it. Those that don’t will face the scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.”
Alex Cruz, Chairman, and CEO of British Airways said that the company is both surprised and disappointed by ICO’s finding. In the statement, he apologized for the inconvenience caused to the customers on the company’s behalf.
India fines Google $162M for Android anti-competitive practices
Jet Airways 2.0 to start its domestic flights by Q1 2022
Jet Airways revival on track as NCLT approves Kalrock-Jalan consortium's plan
China Fines Alibaba, Tencent Against Anti-Monopoly Laws
Jet Airways May Fly Again Soon; Two Lenders Bid For The Revival
© 2022 CIO Bulletin. All rights reserved.