Earlier this week the Information Commissioner’s Office (ICO) imposed a record data breach fine. The £183 million penalty was issued to British Airways for last year’s breach of its security systems.
In 2018, the personal and financial information of nearly 500,000 British Airways passengers was stolen during a hacking incident. The hack is believed to date back three months from when the airline revealed the breach last September. The criminals stole passenger names, home addresses and credit card data. Part of the scam involved diverting passengers to a fake website which harvested their details.
The British Airways fine is the largest penalty that the ICO has ever handed out and the first under the General Data Protection Regulation (GDPR) to be made public.
The ICO’s findings blamed poor security arrangements at the airline.
For a legal interpretation of the ICO punishment, head over to Stephens Scown’s website and read “5 things to know about the ICO fine on British Airways”.
The law regarding data protection is clear – when you are entrusted with personal data, you must look after it. The British Airways data breach fine might be the highest yet, but post-GDPR the ICO has the power to enforce a penalty of up to 4% of turnover. If you don’t take adequate steps to protect the personal data you hold within your business, and you suffer a breach, the consequences could be catastrophic to your business.
If you’re worried about your cyber security, please give us a call on 01392 207194 and let us help make sure your business is adequately protected.