17.6 C
California
Wednesday, October 21, 2020

British Airways fined £20 million for data breach that affected over 400,000 customers

Jack Taylor | Getty Images News | Getty Images

LONDON — British Airways has been fined £20 million ($26 million) by the Information Commissioner’s Office (ICO) in the U.K. over a data breach in 2018 that left the personal and financial details of 429,612 BA customers exposed.

Following an investigation spanning almost two years, the ICO concluded that British Airways did not have sufficient security measures in place to process significant amounts of personal data.

The regulator said the failure broke data protection law.

While the fine is less than the £183 million the ICO said it would issue in 2019, it is still the largest-fine ever issued by the watchdog, which said the “economic impact of Covid-19” had to be taken into account.

The attacker is believed to have accessed the names, addresses, payment card numbers and CVV numbers of 244,000 British Airways customers.

A further 77,000 customers had their combined card and CVV numbers accessed, and an additional 108,000 customers had just their card numbers accessed.

The regulator said that the usernames and passwords of up to 612 BA Executive Club members may also have been compromised.

It took British Airways more than two months to realize it had suffered a data breach.

Information Commissioner Elizabeth Denham said in a statement: “People entrusted their personal details to BA and BA failed to take adequate measures to keep those details secure.”

“Their failure to act was unacceptable and affected hundreds of thousands of people, which may have caused some anxiety and distress as a result. That’s why we have issued BA with a £20 million fine – our biggest to date.”

“When organizations take poor decisions around people’s personal data, that can have a real impact on people’s lives. The law now gives us the tools to encourage businesses to make better decisions about data, including investing in up-to-date security.”

A British Airways spokesperson told CNBC: “We alerted customers as soon as we became aware of the criminal attack on our systems in 2018 and are sorry we fell short of our customers’ expectations.

“We are pleased the ICO recognizes that we have made considerable improvements to the security of our systems since the attack and that we fully co-operated with its investigation.”

Speak Your Mind

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Get in Touch

211FansLike
34FollowersFollow
41FollowersFollow

Recommend for You

Walmart divides Black Friday deals into 3 separate events that kick off online

An employee works on a display ahead of Black Friday at a Walmart store in Chicago, November 20, 2018.Kamil Krzaczynski | ReutersFor shoppers who...

Solar-powered system extracts drinkable water from ‘dry’ air: Engineers have made their initial design more practical, efficient, and scalable

Researchers at MIT and elsewhere have significantly boosted the output from a system that can extract drinkable water directly from the air even in...

Facebook and Twitter CEOs will have to answer to Senate Republicans after Biden NY Post story controversy

Facebook and Twitter typically take heat for acting too slowly to reduce the spread of harmful misinformation. But on Wednesday, both companies acted surprisingly...

Related Articles

AMD Has New Rizen 5000 Series Processors, But Do...

American chipmaker Advanced Micro Devices (AMD) has announced its new lineup of Ryzen 5000...

Anemic star cluster breaks metal-poor record

In a surprising discovery, astronomers using two Maunakea Observatories -- W. M. Keck Observatory...

Apple iPhone sales peaked years ago, but the pieces...

The Apple iPhone 12 Pro Max is unveiled during a virtual product launch.Daniel Acker...