British Airways data breach leads to record penalty IBM Blog

When British Airways’ data systems were compromised, the airline was given a then record fine of £183m, 367 times higher than the £500,000 penalty imposed on Facebook. The difference, of course, is Europe’s General Data Protection Regulation (GDPR), allowing fines of up to 4% of annual turnover. That means British Airways could have been fined £500m. The message is clear – make sure all data is secure from cybercrime.


British Airways faces record £183m fine for data breach
BBC News

British Airways’ record fine amounts to 1.5% of its worldwide turnover in 2017. The Information Commissioner’s Office (ICO) said the incident took place after 500,000 users of the airline’s website were diverted to a fraudulent site harvesting their details.


BA faces record £183m fine over data breach
The Guardian

Shocked by the ICO’s £183m fine, British Airways chairman Álex Cruz insisted that they had responded quickly to the stealing of customers’ personal and financial information in 2018 from the website and the airline’s mobile app.


Intention to fine British Airways £183.39m under GDPR for data breach
ICO statement

The ICO investigated this case as lead supervisory authority on behalf of other EU Member State data-protection authorities. “The law is clear,” Information Commissioner Elizabeth Denham said, “when you are entrusted with personal data you must look after it.”


British Airways hack: airline fined £183m after customers’ credit card details stolen
Simon Calder, The Independent

Although British Airways insists there is no evidence of harm to passengers, and promised to indemnify customers who suffered financially when their credit-card data was stolen, they still face a fine of £183m for the data breach.


UK proposes £183m fine over British Airways data breach
Janina Conboye, The Financial Times

Following British Airways’ record fine of £183m for allowing the theft of customer data, the Information Commissioner warned all companies they would face scrutiny to “check they have taken appropriate steps to protect fundamental privacy rights”.

To ensure you and your clients don’t face a costly investigation from the ICO, make sure you catch up on the latest data-protection technologies.

Discover Data Protection Technologies
Back to top