British Airways fined £183m after card details of 400,000 customers are stolen from their website and app
BRITISH Airways is set to be fined £183.4million after card details of 400,000 customers were stolen from its website and app.
The airline has been hit by the Information Commissioner's Office for the alleged theft of customers' personal information last year.
The personal and financial details of customers making bookings between August 21 and September 5 were stolen.
In total, card details of 380,000 customers were said to be leaked by the hackers.
Names, billing addresses and email addresses were also exposed - but BA claimed travel or passport details were not accessed during the breach.
The fine represents just 1.5 per cent of BA's worldwide turnover for the financial year.
How to keep yourself safe from hackers and scammers
HERE's how to stay safe online
- Make a 'strong' password with 8 or more characters and a combination of upper case characters, numbers and symbols
- Don't do online banking on public WiFi, unless absolutely necessary
- Don't click on dodgy email links claiming to be from banks
- Use different passwords for different sites
- Never re-use your main email password
- Use anti-virus software
- Don't accept Facebook friend requests or LinkedIn invitations from people you don't know
- Think before you put personal info on social media
- Find My iPhone, Android Lost and BlackBerry Protect all allow you to remotely wipe a stolen phone. Set this feature up
- Only shop online on secure sites
- Don't store your card details on websites
- Password protect your phone and other devices
The fine comes as a result of the General Data Protection Regulation (GDPR) rules, which came into force last year and aims to make it easier for people to control how companies use their personal details.
The airline declined to say whether it plans to compensate customers when contacted by The Sun.
It also didn't want to share exactly how many customers had their data stolen, and whether everyone had their card details taken.
Information Commissioner Elizabeth Denham said: "People’s personal data is just that – personal.
"When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience.
"That’s why the law is clear – when you are entrusted with personal data you must look after it."
British Airways chairman Alex Cruz said the airline was "disappointed" by the plans to fine the company.
He said: "We are surprised and disappointed in this initial finding from the ICO.
"British Airways responded quickly to a criminal act to steal customers' data.
"We have found no evidence of fraud/fraudulent activity on accounts linked to the theft.
"We apologise to our customers for any inconvenience this event caused."
Willie Walsh, chief executive of BA's owner International Airlines Group (IAG), said the airline would make "any necessary appeals" against the penalty.
The Sun Says
WE’VE got little sympathy for British Airways, whose data debacle put passengers’ personal information at risk.
But the fine handed down — of nearly £200million — is eye-watering. Firms of a much smaller scale would lack the ability to absorb a similar financial hit.
The Information Commissioner now has the power to really stick the boot in when companies fail to keep data safe.
That power must be used wisely.
Most read in money
Experts claimed in September that Russian hackers were behind the massive British Airways data theft.
Meanwhile, in 2017 a computer meltdown forced British Airways to cancel 726 flights over three days.
It left 75,000 passengers stranded and lost the company around £100million.
We pay for your stories! Do you have a story for The Sun Online Money team? Email us at [email protected]