British Airways threatened with 204 million euros fine
The British data protection authority, the Information Commissioner’s Office (ICO), has announced that it intends to fine British Airways 204 million euros for violations of the EU DSGVO.
The cyber incident was reported to the ICO in September 2018.
Reason: Infringement of Art. 32 DSGVO “Security of processing”.
Part of the incident involved redirecting visitor traffic to a fraudulent site on the British Airways website. This fake site was used to steal customer data from the attackers. This incident, which is believed to have started in June 2018, involves the personal data of approximately 500,000 customers.
The ICO investigation has revealed that inadequate security measures within the company were the cause of the data leakage. As a result, login, credit card and travel booking data as well as name and address information could be accessed by the attackers.
British Airways will now have the opportunity to make a statement to the ICO regarding the findings and sanctions.
Picture: British Airways/Wikimedia Commons
Marriott also faces heavy fines – read here.
Note: This is a machine translation. It is neither 100% complete nor 100% correct. We can therefore not guarantee the result.