British Airways was fined up to £20m ($26 m) by the knowledge Commissioner’s Office (ICO) for a breach of information affecting over 400,000 consumers.
The breach occurred in 2018 and involved both customers MasterCard records.
The fine is significantly but that of the £183 m that the ICO initially said it planned to issue back in 2019.
It said that “the economic effects of Covid-19” had been taken under consideration.
Even so, it’s also the best sanction thus far imposed by the ICO.
The event happened after BA’s databases were hacked by its perpetrators, and so updated to gather the information of the purchasers as input.
It was two months already when BA was fully informed of it by a security specialist, then alerted to the ICO.
How did the attackers get to British Airways?
BA Boss says sorry breach of knowledge
The stolen data contained login, payment card and airline reservation information furthermore as names and addresses data.
A subsequent inquiry found that sufficient security mechanisms, like multi-factor authentication, weren’t in effect at that period.
The ICO noticed that some of those steps were applicable to the Microsoft Windows software package that BA used at the time.
“If companies make bad choices about an individual’s private data, they may have a true effect on people’s lives. Now, the legislation provides us with tools to enable corporations to form smarter decisions about data, like engaging in up-to-date protection,” said Information Commissioner Elizabeth Denman.
British Airways said that it warned consumers as soon because it revealed about the attack on its networks.
“We are satisfied that the ICO acknowledges that we’ve made significant improvements to the security of our services since the assault which we’ve completely cooperated with the inquiry,” said the spokesperson.
British Airways fined £20m for breach of records
British Airways was fined up to £20m ($26 m) by the knowledge Commissioner’s Office (ICO) for a breach of information affecting over 400,000 consumers.
The breach occurred in 2018 and involved both customers MasterCard records.
The fine is significantly but that of the £183 m that the ICO initially said it planned to issue back in 2019.
It said that “the economic effects of Covid-19” had been taken under consideration.
Even so, it’s also the best sanction thus far imposed by the ICO.
The event happened after BA’s databases were hacked by its perpetrators, and so updated to gather the information of the purchasers as input.
It was two months already when BA was fully informed of it by a security specialist, then alerted to the ICO.
How did the attackers get to British Airways?
BA Boss says sorry breach of knowledge
The stolen data contained login, payment card and airline reservation information furthermore as names and addresses data.
A subsequent inquiry found that sufficient security mechanisms, like multi-factor authentication, weren’t in effect at that period.
The ICO noticed that some of those steps were applicable to the Microsoft Windows software package that BA used at the time.
“If companies make bad choices about an individual’s private data, they may have a true effect on people’s lives. Now, the legislation provides us with tools to enable corporations to form smarter decisions about data, like engaging in up-to-date protection,” said Information Commissioner Elizabeth Denman.
British Airways said that it warned consumers as soon because it revealed about the attack on its networks.
“We are satisfied that the ICO acknowledges that we’ve made significant improvements to the security of our services since the assault which we’ve completely cooperated with the inquiry,” said the spokesperson.