[Updated] 2018 data breach : BA fined £20 million
This just breaking: https://www.bbc.co.uk/news/business-48905907 Mod edit: to comply with rule 7, FT requires a summary so members can decide whether to click through to the linked article The watchdog said a variety of information was "compromised" by poor security arrangements at the company, including log in, payment card, and travel booking details as well name and address information. The watchdog said BA had co-operated with its investigation and made improvements to its security arrangements. The penalty is divided up between the other European data authorities, while the money that comes to the ICO goes directly to the Treasury. It is up to individuals to claim money from BA, which provided no information on whether any compensation had been paid. BA has 28 days to appeal. Willie Walsh, chief executive of IAG, said British Airways would be making representations to the ICO. |
What will happen to Alex's bonus now?
|
Originally Posted by rapidex
(Post 31280234)
What will happen to Alex's bonus now?
|
British Airways says it's "surprised and disappointed" by the fine. Much as many of us were by the data breach and the subsequent indifference that BA showed towards the affected customers.
|
Good news for the class action lawsuit? |
Any fine will probably just be passed onto us. Probably bad news.
|
BA fined £183m for 2018 data breach by UK ICO
https://www.bbc.co.uk/news/business-48905907 BA has been handed a record fine by the UK Information Commissioner’s Office for the 2018 data breach. Given that the previous record was £500k (according to the BBC), £183m is a huge statement. BA/IAG has already said it will appeal, will be interesting to see what the ICO’s reasons are for the size of the fine. Mods - I know there are existing threads on this, so feel free to merge if you don’t think this merits a separate thread. |
...and to think Alex was saying, at staff briefings, that "we won't be fined".
Yet another stirling success of IAG's Group IT strategy. |
Yes, the reasons would be helpful. This does seem very large, especially if BA cooperated fully.
|
Good. A few more of these and firms will start taking information security seriously.
|
Originally Posted by u01sss3
(Post 31280277)
Any fine will probably just be passed onto us. Probably bad news.
|
Who does the penalty money go to? Those affected?
I dropped out the lawsuit as I had no faith in SPG Law, I hope that isn't something I will come to regret! |
The ICO website offers further information about the fine.
The ICO’s investigation has found that a variety of information was compromised by poor security arrangements at the company, including log in, payment card, and travel booking details as well name and address information. Information Commissioner Elizabeth Denham said: “People’s personal data is just that – personal. When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience. That’s why the law is clear – when you are entrusted with personal data you must look after it. Those that don’t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.” |
I love how BA is trying to make us believe that a simple XSS attack is "sophisticated".
Maybe I should wear a tuxedo next time I practice my penetration testing skills. Then I'd be sophisticated. |
Will be interesting to see if this has any effect on AC's position. My only hope would be that frontline staff aren't made to bear the brunt of management mistakes.
|
All times are GMT -6. The time now is 8:30 pm. |
This site is owned, operated, and maintained by MH Sub I, LLC dba Internet Brands. Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Designated trademarks are the property of their respective owners.