[Updated] 2018 data breach : BA fined £20 million
Jul 8, 2019, 9:53 am
#106
Ambassador: Emirates Airlines
Join Date: Sep 2004
Location: Manchester, UK
Posts: 18,603
https://www.riskiq.com/blog/labs/mag...irways-breach/
From that, it would appear that the perpetrator needed direct access to a BA server to modify a JavaScript library. Unless, of course, they managed to get onto the BA server from outside the network - which would be an even bigger breach...
Jul 8, 2019, 10:06 am
#107
Suspended
Join Date: Jan 2003
Location: London, UK.
Programs: SQ LPPS, A3 *G, BA Silver aiming for Bronze
Posts: 1,506
Just had this from Hayes Connor:
Good Afternoon,
As you may be aware, the ICO has today announced that it plans to fine British Airways (BA) £183.93 million for the data breach that put your personal information at risk. Speaking about this breach, the ICO Commissioner, Elizabeth Denham commented: “People’s personal data is just that – personal. When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience. That’s why the law is clear – when you are entrusted with personal data you must look after it. Those that don’t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.” We are in receipt of all the required documentation on your case so there is nothing for you to do at the moment. We will be in touch with further updates as the case progresses and of course we are here to answer any questions that you may have via email or telephone. Kind Regards,Kingsley HayesSolicitor
Good Afternoon,
As you may be aware, the ICO has today announced that it plans to fine British Airways (BA) £183.93 million for the data breach that put your personal information at risk. Speaking about this breach, the ICO Commissioner, Elizabeth Denham commented: “People’s personal data is just that – personal. When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience. That’s why the law is clear – when you are entrusted with personal data you must look after it. Those that don’t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.” We are in receipt of all the required documentation on your case so there is nothing for you to do at the moment. We will be in touch with further updates as the case progresses and of course we are here to answer any questions that you may have via email or telephone. Kind Regards,Kingsley HayesSolicitor
Jul 8, 2019, 10:28 am
#108
Join Date: May 2006
Location: 5 miles from EMA
Programs: BD, BAEC Pleb, VS Pleb, Accor Pleb, HHonors Gold, Big White Season Pass
Posts: 5,904
Just had this from Hayes Connor:
Good Afternoon,
As you may be aware, the ICO has today announced that it plans to fine British Airways (BA) £183.93 million for the data breach that put your personal information at risk. Speaking about this breach, the ICO Commissioner, Elizabeth Denham commented: “People’s personal data is just that – personal. When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience. That’s why the law is clear – when you are entrusted with personal data you must look after it. Those that don’t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.” We are in receipt of all the required documentation on your case so there is nothing for you to do at the moment. We will be in touch with further updates as the case progresses and of course we are here to answer any questions that you may have via email or telephone. Kind Regards,Kingsley HayesSolicitor
Good Afternoon,
As you may be aware, the ICO has today announced that it plans to fine British Airways (BA) £183.93 million for the data breach that put your personal information at risk. Speaking about this breach, the ICO Commissioner, Elizabeth Denham commented: “People’s personal data is just that – personal. When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience. That’s why the law is clear – when you are entrusted with personal data you must look after it. Those that don’t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.” We are in receipt of all the required documentation on your case so there is nothing for you to do at the moment. We will be in touch with further updates as the case progresses and of course we are here to answer any questions that you may have via email or telephone. Kind Regards,Kingsley HayesSolicitor
Jul 8, 2019, 10:34 am
#110
FlyerTalk Evangelist
Join Date: Mar 2010
Location: JER
Programs: BA Gold/OWE, several MUCCI, and assorted Pensions!
Posts: 32,144
Jul 8, 2019, 10:55 am
#111
Join Date: Nov 2015
Posts: 158
I posted a link to a very detailed technical report in the original data breach thread.
https://www.riskiq.com/blog/labs/mag...irways-breach/
From that, it would appear that the perpetrator needed direct access to a BA server to modify a JavaScript library. Unless, of course, they managed to get onto the BA server from outside the network - which would be an even bigger breach...
https://www.riskiq.com/blog/labs/mag...irways-breach/
From that, it would appear that the perpetrator needed direct access to a BA server to modify a JavaScript library. Unless, of course, they managed to get onto the BA server from outside the network - which would be an even bigger breach...
Jul 8, 2019, 10:59 am
#112
Join Date: Feb 2016
Location: LHR
Programs: BAEC Gold, SkyTeam Elite Plus, Sixt Gold
Posts: 418
Well deserved and as one of the many affected I can only be happy that BA eventually got punished for this, also considering the way they treated me with contempt and indifference.
On the other hand, I can't hide my concern these £183M will come from additional savings on our already strained premium products and/or higher fees...
On the other hand, I can't hide my concern these £183M will come from additional savings on our already strained premium products and/or higher fees...
Jul 8, 2019, 11:06 am
#113
Suspended
Join Date: Jun 2008
Posts: 2,246
Jul 8, 2019, 11:27 am
#115
Join Date: May 2006
Location: 5 miles from EMA
Programs: BD, BAEC Pleb, VS Pleb, Accor Pleb, HHonors Gold, Big White Season Pass
Posts: 5,904
VS can market the hell out of said cheap fares.
Jul 8, 2019, 11:29 am
#116
Join Date: Jan 2012
Location: Northumberland
Posts: 151
Yep, that's what annoys me the most. That my CC details get compromised is one thing, but that's quickly resolved with a new card. I consider things like full name/ DoB/ address etc in the hands of people who shouldn't have them to be more of a problem. Especially with information seemingly getting collated - so add your mobile and email(s) to that and they have a lot of info.
Exactly. I was hit with reward bookings and revenue bookings. And nearly everything was given out on a plate. I don't mind my credit card data being out there because it is fixable. I don't mind my address, email etc. being out there because not much damage can be done without credit card information and date of birth. But I do mind everything being given out in one go. And I do mind arrogance. And that's why BA hasn't seen a penny from me since last September, except in fees for reward bookings as I burn down my Avios balance.
Moving everything to Star instead of OW is not without its drawbacks - especially at non-Star hubs. But I really am happy I shifted over to Star instead of OW. And as 90% or so of my segments were BA, it's basically Lufty, Swiss and LOT getting my money now instead of BA.
Also: the LOT gold lounge in Warsaw on a quiet day is just as good as, if not better than the Cathay F lounge in T3 was prior to refurbishment. Superb food. The revamped Lufty lounges hold their own food wise too. T2 Air Canada lounge betters T5 GF [as long as you don't mind the walk] for breakfast. Swiss lounges are not as good as you might expect them to be. And at non-Star hubs if you are Star Gold and flying economy, fast-track is not guaranteed. [Or lounge access either if you are flying SAS]. Basically: there are more quirks with Star than with OW. But on balance, for me anyway, moving to Star betters the 90% or so of segments I took with BA as OWE. And if Lufty, Swiss, or LOT give away all my information in one go I'll stop using them too.
Last edited by abitwild; Jul 8, 2019 at 12:27 pm
Jul 8, 2019, 11:35 am
#117
Ambassador: Emirates Airlines
Join Date: Sep 2004
Location: Manchester, UK
Posts: 18,603
Jul 8, 2019, 11:52 am
#119
Join Date: Nov 2011
Location: London
Programs: BA Gold
Posts: 4,028
There’s also a lower maximum of €10m (or equivalent)/2% of the preceding years global turnover, but that wouldn’t be what’s being used here
Jul 8, 2019, 11:54 am
#120
Suspended
Join Date: Sep 2018
Location: Somewhere in the Air
Programs: BA GGL, *A Silver, OW Emerald, HH Diamond, Karahi Express
Posts: 554