United Kingdom fines British Airways for failures in 2018 data hack

United Kingdom fines British Airways for failures in 2018 data hack

The UK's Information Commissioner's Office (ICO) has fined British Airways £20 million ($25.9 million)-the largest penalty the office has ever imposed-for failing to protect the personal and financial details of more than 400,000 of its customers, the ICO said Friday.

The ICO finding that the airline was processing a significant amount of personal data without adequate security measures in place is particularly damning.

ICO said its investigators found that BA did not detect the attack on 22 June 2018 but was alerted by a third party more than two months afterwards. The ICO announced the actual fine today, and it's only £20 million ($25.85 million), nearly one-tenth of the amount proposed past year.

Click to follow Telangana Today Facebook page and Twitter . First, the airline has taken the security of its customer data a lot more seriously since the 2018 incident, and they have now applied state-of-the-art protection systems and all of the suggested precautionary measures.

The fine is considerably smaller than the £183m that the ICO originally said it meant to issue back in 2019, reports BBC. Well, COVID-19 happened. "As part of the regulatory process the ICO considered both representations from BA and the economic impact of COVID-19 on their business before setting a final penalty", the authority explained in its latest statement.

The BA probe was different because it was an EU-wide effort led by the ICO. "The law now gives us the tools to encourage businesses to make better decisions about data, including investing in up-to-date security", said Information Commissioner Elizabeth Denman.

BA said customers were alerted to the attack as soon as it became known.

In head-to-head town halls, Biden beats Trump in audience
Despite the financial advantage, O'Malley Dillon said: "We think this race is far closer than folks on ( Twitter ) think". No Republican presidential contender has lost the state since 1992, but polling shows Trump and Biden in a tight contest.

The data breach included personal details such as names, addresses and travel documents as well as payment information including CCV2 numbers, which should not be stored.

"We are pleased the ICO recognises that we have made considerable improvements to the security of our systems since the attack and that we fully co-operated with its investigation".

A further 77,000 customers had their combined card and CVV numbers accessed, and an additional 108,000 customers had just their card numbers accessed.

The regulator said that the usernames and passwords of up to 612 BA Executive Club members may also have been compromised.

British Airways could have taken several affordable steps to prevent the risk of such an attack, such as limiting access to applications and protecting accounts with "multi-factor authentication", officials said.

The ICO said that BA had failed to implement sufficient security around the data, even though measures that could have prevented the hack such as multi-factor authentication were built into the operating system, and also failed to adequately test its systems.

Mr Gallego is hoping to spearhead a recovery for the airline and is thought to have wanted a new face at the helm of BA, with Mr Cruz's relationship with workers, unions and politicians growing increasingly fractious.

Related Articles