BA faces £183m fine over data breach

Reply

Old Jul 8, 19, 12:21 am
  #1  
Original Poster
 
Join Date: Nov 2016
Programs: BAEC Gold
Posts: 178
BA faces £183m fine over data breach


Mod edit: to comply with rule 7, FT requires a summary so members can decide whether to click through to the linked article

The watchdog said a variety of information was "compromised" by poor security arrangements at the company, including log in, payment card, and travel booking details as well name and address information.
The watchdog said BA had co-operated with its investigation and made improvements to its security arrangements.
The penalty is divided up between the other European data authorities, while the money that comes to the ICO goes directly to the Treasury.
It is up to individuals to claim money from BA, which provided no information on whether any compensation had been paid.
BA has 28 days to appeal. Willie Walsh, chief executive of IAG, said British Airways would be making representations to the ICO.
dodgeflyer likes this.

Last edited by Prospero; Jul 9, 19 at 4:09 am Reason: to comply with rule 7
Starship73 is offline  
Reply With Quote
Old Jul 8, 19, 12:24 am
  #2  
 
Join Date: Nov 2010
Posts: 3,915
What will happen to Alex's bonus now?
rapidex is online now  
Reply With Quote
Old Jul 8, 19, 12:31 am
  #3  
 
Join Date: Jun 2015
Location: LHR, LGW
Programs: BAEC
Posts: 1,667
Originally Posted by rapidex View Post
What will happen to Alex's bonus now?
It will go up of course
rockflyertalk is offline  
Reply With Quote
Old Jul 8, 19, 12:31 am
  #4  
 
Join Date: Oct 2015
Location: Berlin
Programs: BAEC Gold
Posts: 878
British Airways says it's "surprised and disappointed" by the fine. Much as many of us were by the data breach and the subsequent indifference that BA showed towards the affected customers.
Misco60 is offline  
Reply With Quote
Old Jul 8, 19, 12:32 am
  #5  
 
Join Date: Nov 2018
Posts: 13
Good news for the class action lawsuit?
acucobol is offline  
Reply With Quote
Old Jul 8, 19, 12:41 am
  #6  
 
Join Date: Nov 2011
Posts: 45
Any fine will probably just be passed onto us. Probably bad news.
Wong Jnr, origin, wrp96 and 3 others like this.
u01sss3 is offline  
Reply With Quote
Old Jul 8, 19, 12:49 am
  #7  
 
Join Date: Dec 2014
Location: UK
Programs: BA, U2+, SK, IHG, Hilton, others gathering dust...
Posts: 2,099
BA fined £183m for 2018 data breach by UK ICO


https://www.bbc.co.uk/news/business-48905907

BA has been handed a record fine by the UK Information Commissionerís Office for the 2018 data breach. Given that the previous record was £500k (according to the BBC), £183m is a huge statement.

BA/IAG has already said it will appeal, will be interesting to see what the ICOís reasons are for the size of the fine.

Mods - I know there are existing threads on this, so feel free to merge if you donít think this merits a separate thread.
Oaxaca is offline  
Reply With Quote
Old Jul 8, 19, 12:51 am
  #8  
 
Join Date: May 2019
Posts: 57
...and to think Alex was saying, at staff briefings, that "we won't be fined".

Yet another stirling success of IAG's Group IT strategy.
Dover2Golf and becks1 like this.
13901 is offline  
Reply With Quote
Old Jul 8, 19, 12:52 am
  #9  
 
Join Date: May 2010
Location: UK
Programs: BAEC Bronze
Posts: 5,126
Yes, the reasons would be helpful. This does seem very large, especially if BA cooperated fully.
Flexible preferences is offline  
Reply With Quote
Old Jul 8, 19, 12:59 am
  #10  
 
Join Date: Jan 2006
Location: London
Programs: BA Gold, VS Silver, Alitalia Freccia Alta, Starwood Gold, Hilton Diamond, Accor Platinum
Posts: 393
Good. A few more of these and firms will start taking information security seriously.
colm is offline  
Reply With Quote
Old Jul 8, 19, 1:04 am
  #11  
 
Join Date: Feb 2009
Posts: 855
Originally Posted by u01sss3 View Post
Any fine will probably just be passed onto us. Probably bad news.
With 45 million passengers per year, itís only an extra £4 on every ticket. I do wonder what the point of these massive fines are when it is easy for a major company to pass the (minor) cost on to a large number of consumers. Surely better to fine board members or executives.
muscat is offline  
Reply With Quote
Old Jul 8, 19, 1:04 am
  #12  
 
Join Date: Mar 2019
Posts: 38
Who does the penalty money go to? Those affected?

I dropped out the lawsuit as I had no faith in SPG Law, I hope that isn't something I will come to regret!
Sailbot3310 is online now  
Reply With Quote
Old Jul 8, 19, 1:05 am
  #13  
 
Join Date: Oct 2015
Location: Berlin
Programs: BAEC Gold
Posts: 878
The ICO website offers further information about the fine.

The ICOís investigation has found that a variety of information was compromised by poor security arrangements at the company, including log in, payment card, and travel booking details as well name and address information.

Information Commissioner Elizabeth Denham said: ďPeopleís personal data is just that Ė personal. When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience. Thatís why the law is clear Ė when you are entrusted with personal data you must look after it. Those that donít will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.Ē
wrp96 likes this.
Misco60 is offline  
Reply With Quote
Old Jul 8, 19, 1:05 am
  #14  
 
Join Date: Oct 2017
Location: London
Programs: BA Gold / OW Emerald
Posts: 594
I love how BA is trying to make us believe that a simple XSS attack is "sophisticated".

Maybe I should wear a tuxedo next time I practice my penetration testing skills. Then I'd be sophisticated.
thebigben is offline  
Reply With Quote
Old Jul 8, 19, 1:06 am
  #15  
 
Join Date: Feb 2016
Posts: 206
Will be interesting to see if this has any effect on AC's position. My only hope would be that frontline staff aren't made to bear the brunt of management mistakes.
Dover2Golf likes this.
Cw novice is online now  
Reply With Quote

Thread Tools
Search this Thread