Last year, British Airways experienced a breach that left hundreds of thousands of customers exposed. Today, BBC News reports that British Airways is receiving their penalty in the form of a record fine.
The fine follows an investigation by the Information Commissioners Office (ICO). In the investigation, the ICO found that the breach began as early as June 2018. They also discovered that the breach was largely possible due to negligence by British Airways.
“The watchdog said a variety of information was “compromised” by poor security arrangements at the company, including login, payment card, and travel booking details as well name and address information.”
British Airways are continuing to plea not guilty, claiming that capable criminals carried out the attack on their system.
“The airline, owned by IAG, says it is “surprised and disappointed” by the penalty from the Information Commissioner’s Office (ICO).”
The article reveals that the ICO fine stands at a whopping £183m. This is the first of its kind to be issued under the new GDPR rules that came into effect over a year ago. British Airway’s failure to notify the ICO about the breach in a timely manner broke the rules outlined by the regulation thereby eliciting the fine.
While the maximum fee can stand as high as 4%, British Airway’s penalty makes up only 1.5% of their annual worldwide turnover. Following Facebook’s penalty fee of £500,000, this fine is a major increase.
Rory Cellan-Jones, an analyst and Technology correspondent, was surprised to see this leap in the fine amount.
“Now you might have expected the data regulator to be somewhat cautious at first in wielding this powerful new weapon but today’s news will send a shiver down the spine of anyone responsible for cybersecurity at a major corporation.”
What It Means For the Digital You
British Airways has 28 days to appeal the fine and it seems like that is exactly what they plan on doing.
“We intend to take all appropriate steps to defend the airline’s position vigorously, including making any necessary appeals,”
However this penalty is resolved, it could mark a new beginning for how companies treat user data and the Digital You. Make sure you keep up with our blogs to see the latest news pertaining to the Digital You.
Tap Into The Digital You at ScoresMatter.