0800 644 6080
Call FREE from Landline and Mobile
Est. 1989

British Airways Facing £183m Fine Over Data Breaches

Written by: Keith Tully

Reviewed: Tuesday 9th July, 2019

British Airways planeBritish Airways (BA) is facing the prospect of being fined more than £183 million for failures in relation to data protection laws.

The Information Commissioner’s Office (ICO) has made clear its intention to fine the airline for infringements of the General Data Protection Regulations (GDPR), which were introduced in May 2018.

“Poor security arrangements” at BA were blamed for allowing the personal data of close to 500,000 of its customers to be compromised by way of cyber attacks that are believed to have begun in June 2018.

Log in details, payment card information, names and addresses, as well as travel bookings, are all understood to have been stolen from BA customers as a result of security failings on the part of the airline.

The cyber attackers in the case were reportedly able to breach BA’s online security and divert traffic away from its official website to a fraudulent site that was then used to obtain and harvest customer information.

“People’s personal data is just that – personal,” said the Information Commissioner Elizabeth Denham in a statement.

“When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience.

“That’s why the law is clear – when you are entrusted with personal data you must look after it. Those that don’t face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.”

The ICO was notified of the incident in September 2018 and has said that it now intends to fine BA well over £100 million, although the airline will be allowed to make representations in its own defence before a final verdict is given on the case.

According to the ICO, BA cooperated with its investigations into its security breaches and has made some improvements to its data protection policies in recent months.

BA’s chief executive Alex Cruz responded to news by saying: “We are surprised and disappointed in this initial finding from the ICO.

“British Airways responded quickly to a criminal act to steal customers’ data. We have found no evidence of fraud/fraudulent activity on accounts linked to the theft.”

Keith Tully

Author
Keith Tully
Partner

Join Keith Tully on Linked In Join Keith Tully on Google Plus Follow Keith Tully on Twitter

Keith has been involved in Business Rescue since 1992, during which time he’s worked for both independent and national firms. His specialties include company restructuring matters and negotiating with HMRC on his clients behalf.

Meet our Team of Experts
Who we help
  • Company Directors
  • Finance Directors
  • Sole Traders
  • Accountants
  • Small Businesses
  • Large Businesses
  • Partnerships
Contact our team
Jonathan Munnery
Gillian Sayburn
Julie Palmer
Processing...
or Find your Nearest Office

Here at Real Business Rescue we take your privacy seriously and will only use your personal information to contact you with regards to your enquiry. We will not use your information for marketing purposes. See PRIVACY POLICY

Business Rescue Advice for Directors
Free Guide for Limited Company Directors
Business Rescue Advice for Directors
  • How to manage company cash flow problems
  • Advice on dealing with HMRC
  • Understanding rescue and closure options
  • And much more...
Free Guide Download
Desling with your Insolvent Clients
Business Rescue Guide for Accountants
Dealing with your Insolvent Clients
  • Helping you advise insolvent clients
  • Spotting signs of client distress
  • Exploring business rescue options
  • And much more...
Free Guide Download
Our numbers speak for themselves
75
Number of UK Offices
30000
Directors Helped
70+
Licensed Insolvency Practitioners