British Airways deals with $230M GDPR fine for 2018 information breach

By
Blake Kling
-
0
398
british-airways-behind-the-scenes-engineering-heathrow-9.jpg

Revealed: The Secrets our Clients Used to Earn $3 Billion

British Airways deals with a $230 million fine.


Andrew Hoyle/CNET

The Information Commissioner’s Office in the UK on Monday exposed its strategy to slap British Airways with a £183.4 million ($230M) fine over a 2018 information breach, among the ICO’s most significant fines considering that the General Data Protection Regulation entered result. The breach is thought to have actually affected 500,000 individuals, the regulator kept in mind.

The breach, which Bachelor’s Degree divulged in September, saw individuals visiting its site being diverted to a deceptive website, where information consisting of name, billing address, e-mail address and payment info were collected. 

The preliminary disclosure stated the breach occurred in between August and September, affecting 380,000 card payments. The airline company later on stated that 185,000 individuals who made reservations in between April and July might have been likewise jeopardized.

thumb


Now playing:
Watch this:

Finding our personal data on the dark web was far too…



3:53

Information Commissioner Elizabeth Denham said in a statement that “the law is clear” when it comes to people’s personal data.

“When you are entrusted with personal data you must look after it,” she wrote. “Those that don’t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.”

The $230 million fine is 1.5% of BA’s global turnover for the year, its parent company International Airlines Group noted in a statement. Under GDPR, companies can be fined the equivalent of $22.4 million or 4% of their total annual worldwide revenue in the preceding financial year, whichever is higher.

“We are surprised and disappointed in this initial finding from the ICO. British Airways responded quickly to a criminal act to steal customers’ data,” Alex Cruz, BAs’s chairman and chief executive, said. “We have found no evidence of fraud/fraudulent activity on accounts linked to the theft. We apologise to our customers for any inconvenience this event caused.”

Willie Walsh, IAG’s chief executive, noted that the company plans to appeal the fine. It has 28 days to do so, our sister site ZDNet noted.

First published at 3:26 a.m. PT.
Updated at 4:55 a.m. PT: Adds more detail.

7 excellent security cameras that work with Amazon Alexa

See all photos

RELATED ARTICLESMORE FROM AUTHOR