
[Updated] 2018 data breach : BA fined £20 million

Old Jul 11, 2019, 2:51 am
  #196  
 
Join Date: Nov 2010
Posts: 5,596
Originally Posted by T8191
As they apparently cooperated with the ICO I would see an increase as unlikely. But this is, of course, new territory.
Would you consider appealing and trying to get the fine reduced cooperating rather than just paying up?
rapidex is offline  
Old Jul 11, 2019, 4:09 am
  #197  
 
Join Date: Jan 2006
Programs: AAdvantage Asia Miles Air China
Posts: 870
Originally Posted by T8191
All the Financial institutions I deal with have become very sensitive over the last 6 months. Huge outbreak of ‘Know Your Customer’ and ‘Two Factor Authentication’. I guess I should be comforted by that.
I do some work in advising on KYC solutions. Take a look at how popular Refinitiv's 'WorldCheck' is with Banks.

The reason the Banks are so hot on this now is precisely because they are being fined to high heaven for their misdeeds. Take a look just at HSBC which set aside US$1.5 Billion to settle fines in tax evasion, and money laundering fines alone in 2018.

These dwarf a piddly £183 Million.

The Banks have been cleaning up their acts because governments want to crack down on this behaviour (and let's be honest it is a juicy source of revenue). GDPR is the beginning of the trend outside of the Banks. The UK Government netted £3 Billion in APD apparently, the potential that GDPR breaches offer could be eye-watering, especially to those who breach GDPR, and rightly so.
Tiger_lily, Kgmm77, T8191 and 1 others like this.

Last edited by Nicc HK; Jul 11, 2019 at 5:51 am
Nicc HK is offline  
Old Jul 11, 2019, 4:23 am
  #198  
 
Join Date: Jul 2005
Location: London, ARN, HEL, ..... or MAN
Programs: BA GGL / GFL, Mucci Diamond!, HH Diamond, Radisson Premium, IHG Gold, Hertz Gold
Posts: 5,874
Originally Posted by stefan_nl
While true that XSS is in the top 10 of OWASP and can be trivial to detect it is not a given. XSS can be extremely hard to detect and fix.

<snip>

BA has to do better on IT but saying things like XSS is trivial to fix is too easy.
I totally agree that XSS isn't always easy to detect and fix, which is why my team put 5 person-months of effort into mitigating the risks of XSS and much penetration and vulnerability testing on my recent implementation.

At even a conservative £1.5k per person per day that's £150k to mitigate a risk, but not to totally protect against it.

However I believe that if my client were then hacked, we would be able to prove that we had taken all reasonable efforts to enable the client to protect their customers' data and would be exonerated by the ICO. For BA to be facing such a fine to me shows that they weren't able to prove that they had made reasonable efforts (or maybe even any efforts) to protect against a known vulnerability. I doubt that Alex Cruz will have a grasp of even this simple level of detail, but his CIO should, and clearly they chose to bolster profits or invest elsewhere rather than comply with the law. I'm glad it's caught up with them.
ThatT1Feeling is offline  
Old Jul 11, 2019, 4:30 am
  #199  
 
Join Date: Oct 2017
Location: London
Programs: BA Gold / OW Emerald
Posts: 753
Originally Posted by ThatT1Feeling
I totally agree that XSS isn't always easy to detect and fix, which is why my team put 5 person-months of effort into mitigating the risks of XSS and much penetration and vulnerability testing on my recent implementation.

At even a conservative £1.5k per person per day that's £150k to mitigate a risk, but not to totally protect against it.

However I believe that if my client were then hacked, we would be able to prove that we had taken all reasonable efforts to enable the client to protect their customers' data and would be exonerated by the ICO. For BA to be facing such a fine to me shows that they weren't able to prove that they had made reasonable efforts (or maybe even any efforts) to protect against a known vulnerability. I doubt that Alex Cruz will have a grasp of even this simple level of detail, but his CIO should, and clearly they chose to bolster profits or invest elsewhere rather than comply with the law. I'm glad it's caught up with them.
I should add that in that occurrence, BA was loading scripts from other websites on their payment page for marketing purposes. There's a very easy fix for this: Don't do it!
thebigben is offline  
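
An added example, not part of the thread: one way a build step could check the point made in the post above, that a payment page loads no script from another origin unless its host is explicitly allowlisted and the tag is pinned with Subresource Integrity. The page URL, HTML, host names and the `audit_scripts` helper are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed sample page (not taken from any real site).
PAGE_URL = "https://shop.example/checkout/payment"
PAGE_HTML = """<html><head>
<script src="/static/js/checkout.js"></script>
<script src="https://cdn.partner.example/lib.min.js"
        integrity="sha384-CONSTRUCTED-PLACEHOLDER" crossorigin="anonymous"></script>
<script src="//tags.marketing.example/tag.js" async></script>
<script>var inlineConfig = {};</script>
</head><body><form action="/pay"></form></body></html>"""

DEFAULT_PORTS = {"http": 80, "https": 443}


class ScriptCollector(HTMLParser):
    """Collect the attributes of every <script> element that has a src."""

    def __init__(self):
        super().__init__()
        self.scripts = []

    def handle_starttag(self, tag, attrs):
        attr_map = dict(attrs)
        if tag == "script" and attr_map.get("src"):
            self.scripts.append(attr_map)


def origin(url):
    """Return (scheme, host, port) with default ports filled in."""
    p = urlsplit(url)
    return (p.scheme, p.hostname, p.port or DEFAULT_PORTS.get(p.scheme))


def audit_scripts(page_url, html, allowed_hosts=frozenset()):
    """List every script loaded from outside the page's own origin."""
    collector = ScriptCollector()
    collector.feed(html)
    findings = []
    for attrs in collector.scripts:
        src = urljoin(page_url, attrs["src"].strip())
        if origin(src) == origin(page_url):
            continue  # first-party script, out of scope for this check
        has_sri = bool(attrs.get("integrity"))
        allowed = urlsplit(src).hostname in allowed_hosts
        findings.append({"src": src, "has_sri": has_sri, "allowlisted": allowed,
                         "violation": not (allowed and has_sri)})
    return findings
```

A build can fail when any finding has `violation` set; a Content-Security-Policy `script-src` directive limited to the same hosts enforces the allowlist in the browser as well.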
Old Jul 11, 2019, 4:59 am
  #200  
 
Join Date: May 2006
Location: 5 miles from EMA
Programs: BD, BAEC Pleb, VS Pleb, Accor Pleb, HHonors Gold, Big White Season Pass
Posts: 5,903
Originally Posted by T8191
As they apparently cooperated with the ICO I would see an increase as unlikely. But this is, of course, new territory.
They should be fined heavily just for the “it wasn’t me Guv, we’re the victims here” attitude alone.

They obviously don’t realise how much goodwill that statement alone has cost them.
stewaran likes this.
Tiger_lily is offline  
Old Jul 11, 2019, 5:25 am
  #201  
FlyerTalk Evangelist
 
Join Date: Nov 2011
Location: Brighton. UK
Programs: BA Gold / VS /IHG Diamond & Ambassador
Posts: 14,176
Originally Posted by Worcester
According to the Guardian the fine will stay in the UK and go to the Exchequer

https://www.theguardian.com/business...-data-watchdog

Wonder where the suggestions that it would go to the EU came from and more importantly why it was suggested.
The fine does not go to the EU either. It is shared across the equivalent European ICO bodies that had residents involved in the breach. This is because the ICO was the lead body under the ‘one stop shop’ principle in GDPR so there is a single European investigation. Same with Marriott: the U.K. ICO took the lead on that breach, both likely on the basis that U.K. residents weren’t the most affected.

The Guardian is correct on where the U.K. portion of the fine will go but omits that this was a pan-European issue and some of the fine will go to countries with affected residents. There is a BBC report that explains this better.

In the U.K. ‘our’ share of the fine will revert to the Treasury. Other nations have other rules.
UKtravelbear is offline  
Old Jul 12, 2019, 12:39 am
  #202  
Suspended
 
Join Date: Sep 2013
Location: Mexico City
Programs: Life Miles, Miles and more
Posts: 518
Originally Posted by Tiger_lily

They should be fined heavily just for the “it wasn’t me Guv, we’re the victims here” attitude alone.

They obviously don’t realise how much goodwill that statement alone has cost them.
Indeed. Do they think they're fooling anyone? If my parents are anything to go by, who happened to buy a flight to visit me in Mexico in the period covered, this attitude is doing BA a lot more harm than good.

A CEO's job is to maximise profits. Does anyone think that Alex Cruz is maximising profits by pissing off not only customers, but in this case a lot of his highest spending customers? If I was a shareholder I'd be asking him to go. He is clearly now only protecting himself, not the company. Trouble is, so are his superiors which is why he's still there. They're all up to their neck in it. When I think of the little mistakes everyday employees get reprimanded for, and these guys get away with this scot-free, it's disgusting. A shining example for anyone who thinks the corporate world is a meritocracy.
Dover2Golf and LBA_flyer like this.
nallison is offline  
Old Jul 12, 2019, 1:10 am
  #203  
 
Join Date: Sep 2013
Programs: BAEC Gold, EK Skywards (enhanced Blue !), Oman Air Sindbad Gold
Posts: 6,395
Originally Posted by nallison
................................

A CEO's job is to maximise profits. Does anyone think that Alex Cruz is maximising profits by pissing off not only customers, but in this case a lot of his highest spending customers? He is clearly now only protecting himself, not the company. Trouble is, so are his superiors which is why he's still there. They're all up to their neck in it.......
This.

WW hands AC the hymn sheet. And Cruz then sings from it with gusto.


wrp96, rapidex and Dover2Golf like this.
subject2load is offline  
Old Jul 12, 2019, 1:42 am
  #204  
Suspended
 
Join Date: Jun 2008
Posts: 2,246
IAG share price is now higher than Monday’s opening.
FlyerTalker39574 is offline  
Old Jul 12, 2019, 2:26 am
  #205  
 
Join Date: Nov 2010
Posts: 5,596
Iberia must be doing rather well
rapidex is offline  
Old Jul 12, 2019, 2:37 am
  #206  
 
Join Date: May 2006
Location: 5 miles from EMA
Programs: BD, BAEC Pleb, VS Pleb, Accor Pleb, HHonors Gold, Big White Season Pass
Posts: 5,903
Originally Posted by richardwft
IAG share price is now higher than Monday’s opening.
People have short memories
Tiger_lily is offline  
Old Jul 12, 2019, 2:42 am
  #207  
 
Join Date: Apr 2012
Location: LON
Programs: Mucci, BAEC, Eurostar
Posts: 3,286
Originally Posted by richardwft
IAG share price is now higher than Monday’s opening.
The main trigger for ups and downs on airlines is the price of oil going down or up.
FlyerTalker39574 likes this.
alex67500 is offline  
Old Jul 12, 2019, 6:59 am
  #208  
Suspended
 
Join Date: May 2011
Location: London
Programs: *A G, OW S.
Posts: 996
Originally Posted by Tiger_lily
People have short memories
I'm not sure top spending customers do.

I have flown BA once since the data breach and that was already booked. I have booked nothing more and won't until there is resolution. Cruz going would speed that up a lot.
lhrpete and Tiger_lily like this.
Dover2Golf is offline  
Old Jul 12, 2019, 7:42 am
  #209  
FlyerTalk Evangelist
 
Join Date: Mar 2010
Location: JER
Programs: BA Gold/OWE, several MUCCI, and assorted Pensions!
Posts: 32,140
Originally Posted by Dover2Golf
I'm not sure top spending customers do.

I have flown BA once since the data breach and that was already booked. I have booked nothing more and won't until there is resolution. Cruz going would speed that up a lot.
Nice if you have the choice of carrier/route/destination etc., of course. From my POV those choices matter more than gestures which BA won’t notice, but undoubtedly make you feel better.
Dover2Golf likes this.
T8191 is offline  
Old Jul 12, 2019, 10:46 am
  #210  
Suspended
 
Join Date: Jan 2003
Location: London, UK.
Programs: SQ LPPS, A3 *G, BA Silver aiming for Bronze
Posts: 1,506
I also doubt BA will notice in the short term but if enough high spending customers go they very soon will and it doesn't take long for a trickle to become a flood.

Equally I don't think moving your travel is a 'gesture'. It's a loud statement of discontent with BA, probably the loudest you can make. I was affected too and can choose my airlines so I've chosen elsewhere too. Do BA care? Probably not, but they are losing.
lhrpete is offline  

