LONDON, UK: British Airways has been slapped with a record fine of $230 million after a website failure that resulted in compromised privacy of nearly 500,000 customers.
It is the biggest penalty under the tough General Data Protection Regulation (GDPR), which came into force last year in the European Union.
The Information Commissioner’s Office said that weak security allowed user traffic to be diverted from the British Airways website to a fraudulent page starting in June 2018.
The regulator said the company has the right to contest the proposed fine.
The hackers were able to retrieve customer details including logins, payment cards, and travel booking details, the regulator disclosed.
British Airways revealed about the privacy breach in September 2018.
The $230 million fine is roughly 1.5% of British Airways’ annual revenue.
“We are surprised and disappointed in this initial finding,” British Airways CEO Alex Cruz said in a statement.
“British Airways responded quickly to a criminal act to steal customers’ data. We have found no evidence of fraud [or] fraudulent activity on accounts linked to the theft,” he stressed.
The EU regulation forces companies to ensure that the data, they collect, process and store, is safe.
Any firm that stores or uses data on people inside the European Union is subject to the rules, regardless of its origin.
Companies can be fined up to 4% of their annual revenue in case of a data breach.
“People’s personal data is just that — personal. When an organization fails to protect it from loss, damage or theft it is more than an inconvenience,” Information Commissioner Elizabeth Denham said.
“That’s why the law is clear — when you are entrusted with personal data you must look after it,” she added.
Data protection counsel Gita Shivarattan said the proposed penalty shows that “European data protection regulators are clearly ramping up fines for data breaches.”
“It reflects the seriousness of the regulators where there is a significant breach of GDPR obligations,” Shivarattan reflected.
Facebook was fined $626,000 last year over Cambridge Analytica scandal, the maximum allowed penalty before GDPR came into force.
Dear TNT Reader,
At The News Tribe, our mission is to bring you free, independent, and unbiased news and content that keeps you informed and empowered. We are committed to upholding the highest standards of journalism, as we understand that we are a platform for truth.
Apart from independent global news coverage, we also commit our unique focus on the Muslim world. In an age marked by the troubling rise of Islamophobia and widespread misrepresentation of Muslims in Western media, we strive to provide accurate and fair coverage.
But to continue doing so, we need your support. Even a small donation of 1$ can make a big difference. Your contribution will help us maintain the quality of our news and counteract the negative narratives that are so prevalent.
Please consider donating today to ensure we can keep delivering the news that matters. Together, we can make a positive impact on the world, and work towards a more inclusive, informed global society.
Donate Monthly Subscription Annual Subscription
