[Updated] 2018 data breach : BA fined £20 million

Reply Subscribe

Thread Tools

Search this Thread

Jul 8, 2019, 12:21 am

Starship73

Original Poster

Join Date: Nov 2016

Programs: BAEC Silver

Posts: 457

[Updated] 2018 data breach : BA fined £20 million

This just breaking: https://www.bbc.co.uk/news/business-48905907

Mod edit: to comply with rule 7, FT requires a summary so members can decide whether to click through to the linked article

Quote:

The watchdog said a variety of information was "compromised" by poor security arrangements at the company, including log in, payment card, and travel booking details as well name and address information.

Quote:

The watchdog said BA had co-operated with its investigation and made improvements to its security arrangements.

Quote:

The penalty is divided up between the other European data authorities, while the money that comes to the ICO goes directly to the Treasury.

Quote:

It is up to individuals to claim money from BA, which provided no information on whether any compensation had been paid.

Quote:

BA has 28 days to appeal. Willie Walsh, chief executive of IAG, said British Airways would be making representations to the ICO.

dodgeflyer likes this.

Last edited by Prospero; Jul 9, 2019 at 4:09 am Reason: to comply with rule 7

Jul 8, 2019, 12:24 am

rapidex

Join Date: Nov 2010

Posts: 5,596

What will happen to Alex's bonus now?

Jul 8, 2019, 12:31 am

rockflyertalk

Join Date: Jun 2015

Location: LHR, LGW

Programs: BAEC

Posts: 3,421

Quote:

Originally Posted by rapidex

What will happen to Alex's bonus now?

It will go up of course

origin, orbitmic, RoyalSwazi and 7 others like this.

Jul 8, 2019, 12:31 am

Misco60

Join Date: Oct 2015

Location: Vale of Glamorgan

Programs: BAEC Gold

Posts: 2,991

British Airways says it's "surprised and disappointed" by the fine. Much as many of us were by the data breach and the subsequent indifference that BA showed towards the affected customers.

SK, Crampedin13A, NYLON Boy and 26 others like this.

Jul 8, 2019, 12:32 am

acucobol

Join Date: Nov 2018

Posts: 105

Good news for the class action lawsuit?

Jul 8, 2019, 12:41 am

u01sss3

Join Date: Nov 2011

Location: Edinburgh

Programs: BAEC

Posts: 547

Any fine will probably just be passed onto us. Probably bad news.

Wong Jnr, origin, wrp96 and 3 others like this.

Jul 8, 2019, 12:49 am

Oaxaca

Join Date: Dec 2014

Location: UK

Programs: BA, U2+, SK, AF/KL, IHG, Hilton, others gathering dust...

Posts: 2,552

BA fined £183m for 2018 data breach by UK ICO

https://www.bbc.co.uk/news/business-48905907

BA has been handed a record fine by the UK Information Commissioner’s Office for the 2018 data breach. Given that the previous record was £500k (according to the BBC), £183m is a huge statement.

BA/IAG has already said it will appeal, will be interesting to see what the ICO’s reasons are for the size of the fine.

Mods - I know there are existing threads on this, so feel free to merge if you don’t think this merits a separate thread.

Jul 8, 2019, 12:51 am

13901

Join Date: May 2014

Posts: 7,236

...and to think Alex was saying, at staff briefings, that "we won't be fined".

Yet another stirling success of IAG's Group IT strategy.

Dover2Golf and becks1 like this.

Jul 8, 2019, 12:52 am

Flexible preferences

Join Date: May 2010

Location: UK

Posts: 5,380

Yes, the reasons would be helpful. This does seem very large, especially if BA cooperated fully.

Jul 8, 2019, 12:59 am

#10

colm

Join Date: Jan 2006

Location: London

Programs: BA Gold, VS Silver, Alitalia Freccia Alta, Starwood Gold, Hilton Diamond, Accor Platinum

Posts: 408

Good. A few more of these and firms will start taking information security seriously.

SK, BA or bust, justin_krusty and 17 others like this.

Jul 8, 2019, 1:04 am

#11

muscat

Join Date: Feb 2009

Posts: 1,060

Quote:

Originally Posted by u01sss3

Any fine will probably just be passed onto us. Probably bad news.

With 45 million passengers per year, it’s only an extra £4 on every ticket. I do wonder what the point of these massive fines are when it is easy for a major company to pass the (minor) cost on to a large number of consumers. Surely better to fine board members or executives.

Grace B, MarkLHR, TheOldMan and 7 others like this.

Jul 8, 2019, 1:04 am

#12

Sailbot3310

Join Date: Mar 2019

Posts: 133

Who does the penalty money go to? Those affected?

I dropped out the lawsuit as I had no faith in SPG Law, I hope that isn't something I will come to regret!

Jul 8, 2019, 1:05 am

#13

Misco60

Join Date: Oct 2015

Location: Vale of Glamorgan

Programs: BAEC Gold

Posts: 2,991

The ICO website offers further information about the fine.

Quote:

The ICO’s investigation has found that a variety of information was compromised by poor security arrangements at the company, including log in, payment card, and travel booking details as well name and address information.

Information Commissioner Elizabeth Denham said: “People’s personal data is just that – personal. When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience. That’s why the law is clear – when you are entrusted with personal data you must look after it. Those that don’t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.”

wrp96 likes this.

Jul 8, 2019, 1:05 am

#14

thebigben

Join Date: Oct 2017

Location: London

Programs: BA Gold / OW Emerald

Posts: 753

I love how BA is trying to make us believe that a simple XSS attack is "sophisticated".

Maybe I should wear a tuxedo next time I practice my penetration testing skills. Then I'd be sophisticated.

jason8612, justin_krusty, Quark999 and 1 others like this.

Jul 8, 2019, 1:06 am

#15

Cw novice

Join Date: Feb 2016

Posts: 940

Will be interesting to see if this has any effect on AC's position. My only hope would be that frontline staff aren't made to bear the brunt of management mistakes.

Dover2Golf likes this.

Reply Share

First
Prev
1 / 21
Next
Last

Forum Jump