The Strategist

British Airways faces fine for data breach

07/09/2019 - 11:19

Amount of the fine, imposed on a British airline, exceeds £183 million. British Airways is accused of weak security measures, which led to the leakage of data of 500 thousand customers.

British airline British Airways (BA) faces a fine of £183.39 million (€205 million) due to a scandal around customers data leak. This follows from the statement of the British Information Commissioner’s Office (ICO), released on Monday, July 8. A fine of 1.5 percent of British Airways’s annual turnover for 2017 is imposed on BA’s parent company, International Consolidated Airlines Group SA (IAG). The decision of the ICO can be appealed.

IAG will be fined due to the theft of personal data of almost 500 thousand BA clients. These data were stolen mainly during online booking of tickets on the British Airways website: information was redirected from the British Airways page to a fraudulent website, from which logins, credit card numbers, home addresses and other private data was stolen.

According to the regulator, the incident was possible due to weak security measures taken by the BA. “Personal data of people is personal. If an organization does not protect them from loss, damage or theft, then this is more than a nuisance,” said Elizabeth Denham, head of the ICO.

BA’a executive director Alex Cruz said he was surprised and disappointed by the regulator’s decision. According to him, the airline quickly responded to the theft of private data, and no fraudulent actions due to data leakage have been identified. The head of IAG, Willie Walsh, stated that the decision on fines would be appealed.