British Airways data breach fine reduced dramatically in light of Covid-19

  • The record £183m fine issued to British Airways for a serious 2018 data breach was reduced to £20m in light of the Covid-19 crisis.

    Back in July 2019, British Airways was the victim of a very serious data breach involving the personal details and credit card information of over 400,000 customers. The Information Commissioner's Office (ICO) issued a record-breaking fine of £183m to the company under the new European General Data Protection Regulation (GDPR).

    GDPR carries a maximum fine of €10-20m EUR or 2-4% of annual global turnover (whichever is higher) for serious breaches that are ruled to be the company's fault, significantly higher than the £500,000 maximum the ICO was previously limited to fining companies. The £183m fine would have been the largest issued under GDPR to date.

    RELATED: British Airways hit with £183m GDPR fine for data breach

    The ICO has now issued the actual fine following lengthy discussions with the parties involved, and has elected to dramatically reduce the charge to £20m. This is still the largest single fine that the ICO has ever issued and sends a clear message to large companies that data security must take priority. The reduction was carried out in part to reflect the reduced income of the company due to Covid-19.

    The British Airways breach was caused by the company's poor code maintenance practices, as the company's website was running an old version of the third party software library Modernizr that had a known vulnerability. That vulnerability was exploited by attackers, who captured user data directly from the website itself.

    RELATED: British Airways breach: Old third-party software was to blame

    Source: BBC News

    About the author

    Brendan is a Sync NI writer with a special interest in the gaming sector, programming, emerging technology, and physics. To connect with Brendan, feel free to send him an email or follow him on Twitter.

    Got a news-related tip you’d like to see covered on Sync NI? Email the editorial team for our consideration.

    Sign up now for a FREE weekly newsletter showcasing the latest news, jobs and events in NI’s tech sector.

Share this story