Data Breach: British Airways Faces record £183m fine

Have you seen the latest Data Breach News?

Not a day goes by with our the word Data Breach making the headlines, sustomers may have seen in the press that British Airway have have been hit with a record £183m fine for a Data Breach. Most importantly we want to make sure are customers are aware of whats happened an the precedent this could set for businesses going forward.

What happened?

 

It is believed the incident took place after users of British Airways’ website were diverted to a fraudulent site. Through this false site, details of about 500,000 customers were harvested by the attackers

What information was stolen?

The ICO said the incident was believed to have begun in June 2018.

The watchdog said a variety of information was “compromised” by poor security arrangements at the company, including log in, payment card, and travel booking details as well name and address information.

British Airway  initially said information involved included names, email addresses, credit card information such as credit card numbers, expiry dates and the three-digit CVV code found on the back of credit cards.

 

What are the new rules?

The General Data Protection Regulation (GDPR) came into force last year and was the biggest shake-up to data privacy in 20 years.

The penalty imposed on BA is the first one to be made public since those rules were introduced, which make it mandatory to report data security breaches to the information commissioner.

It also increased the maximum penalty to 4% of turnover. The BA penalty amounts to 1.5% of its worldwide turnover in 2017, less than the possible maximum.

Until now, the biggest penalty was £500,000, imposed on Facebook for its role in the Cambridge Analytica data scandal. That was the maximum allowed under the old data protection rules that applied before GDPR.

GDPR and your business, how can we help protect your business?

GDPR regulations apply to all business from Tradesman to large business like BA, make sure your business is protected against any data breaches and much more by one of our amazing Cyber Products.

Contact