(Reuters) – Britain’s data protection watchdog said on Friday it has fined British Airways 20 million pounds – its biggest such penalty to date – for failing to protect data that left more than 400,000 of its customers’ details the subject of a 2018 cyber attack.

The Information Commissioner’s Office (ICO) said its investigators found BA should have identified weaknesses in its security and resolved them with measures available at the time, which would have prevented the data breach.

“Their failure to act was unacceptable and affected hundreds of thousands of people, which may have caused some anxiety and distress as a result,” the ICO said.

BA said in a statement that it had alerted customers as soon as it became aware of the attack.

The penalty was considerably less than the 183.4 million pounds the ICO proposed last year – in part reflecting the crisis the airline industry is now facing due to COVID-19.

Still, shares in BA’s Anglo-Spanish parent IAG ICAG.L slid to session lows following the announcement. By 0917 GMT, they were 3% lower at 93.2 pence.

On Monday, IAG announced it was replacing BA’s chief executive Alex Cruz with Aer Lingus boss Sean Doyle with immediate effect.

Announcing the penalty, the regulator said its investigators found that BA did not detect the attack on June 22, 2018 – but was alerted by a third party more than two months later, on Sept. 5.

The ICO added that it was not clear whether or when the company would have identified the attack itself.

“This was considered to be a severe failing because of the number of people affected and because any potential financial harm could have been more significant,” it said.

Explaining why the final penalty was substantially lower than first suggested, the regulator said it considered representations from BA and the economic impact of the coronavirus pandemic, which has upended the travel industry.

“We are pleased the ICO recognises that we have made considerable improvements to the security of our systems since the attack and that we fully co-operated with its investigation,” BA said in a statement.

Other major cyber incidents in the recent past include another London-listed airline, easyJet EZJ.L, which earlier this year said hackers had accessed the email and travel details of around 9 million customers.

U.S. hotel operator Marriott International MAR.O in March suffered its second data incident in less than two years, with information of about 5.2 million its hotel guests suffering a breach.

All quotes delayed a minimum of 15 minutes. See here for a complete list of exchanges and delays.

Source: https://uk.reuters.com/article/uk-british-airways-cyber-fine/british-airways-slapped-with-uk-data-watchdogs-biggest-ever-fine-idUKKBN27119G

British Airways, Data breach, Information Commissioner’s Office, International Airlines Group, United Kingdom

World news – GB – British Airways hit with UK data watchdog’s biggest-ever fine

En s’appuyant sur ses expertises dans les domaines du digital, des technologies et des process , CSS Engineering vous accompagne dans vos chantiers de transformation les plus ambitieux et vous aide à faire émerger de nouvelles idées, de nouvelles offres, de nouveaux modes de collaboration, de nouvelles manières de produire et de vendre.

CSS Engineering s’implique dans les projets de chaque client comme si c’était les siens. Nous croyons qu’une société de conseil devrait être plus que d’un conseiller. Nous nous mettons à la place de nos clients, pour aligner nos incitations à leurs objectifs, et collaborer pour débloquer le plein potentiel de leur entreprise. Cela établit des relations profondes et agréables.

Nos services:

  1. Création des sites web professionnels
  2. Hébergement web haute performance et illimité
  3. Vente et installation des caméras de vidéo surveillance
  4. Vente et installation des système de sécurité et d’alarme
  5. E-Marketing

Toutes nos réalisations ici https://www.css-engineering.com/en/works/

Previous articleIs Apple planning a Mac-themed November event?
Next articleAirPods Studio may come with some new audio tricks
Georges MOMO
Georges MOMO est Ingénieur informatique ( Diplôme obtenu à 3IL Limoges France) Il début sa carrière par un stage de fin d'étude d'ingénieur à Toulouse sur un projet de AIRBUS Toulouse Blagnac, il enchaîne ensuite à Nantes où il travaille sur le projet de la migration documentaire de la BPCE. Son ambition le conduit ensuite à Paris où il travaille sur deux projets de la banque de France (Validation des titres de bourse émis sur le marché européen et la génération centralisée des documents) qu'il quitte quelques années plus tard occupant le poste de responsable technique. Passionné de l'information, il est actif sur le web et sur le terrain depuis les années 2000.

LEAVE A REPLY

Please enter your comment!
Please enter your name here