Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Compliance

UK Data Privacy Watchdog Slashes BA Fine as Virus Bites

The UK’s data privacy watchdog on Friday slashed a fine imposed on British Airways over a cyber attack after taking into account coronavirus fallout on the embattled airline’s finances.

The UK’s data privacy watchdog on Friday slashed a fine imposed on British Airways over a cyber attack after taking into account coronavirus fallout on the embattled airline’s finances.

The UK Information Commissioner’s Office said BA would be fined a “record” £20 million ($25 million, 22 million euros), considerably less that the proposed amount totalling £183 million.

“As part of the regulatory process the ICO considered both representations from BA and the economic impact of Covid-19 on their business before setting a final penalty,” the watchdog said in a statement.

The proposed amount was announced in July last year after computer hackers in 2018 stole bank details from hundreds of thousands of British Airways passengers.

The ICO on Friday repeated its finding that BA had infringed European Union data protection rules, or GDPR.

“Because the BA breach happened in June 2018, before the UK left the EU, the ICO investigated on behalf of all EU authorities as lead supervisory authority under the GDPR,” Friday’s statement said.

British Airways, which is slashing thousands of jobs as the coronavirus pandemic decimates demand for air travel, surprised markets on Monday by announcing the sudden departure of chief executive Alex Cruz.

Related: Former Contractor Sentenced to Prison for Hacking British Airline Jet2

Related: British Airways Faces $230 Million Fine for 2018 Breach

Related: British Airways Criticized for Exposing Passenger Flight Details

Related: British Airways, Another Victim of Ongoing Magecart Attacks

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.

Register

Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Data Breaches

LastPass DevOp engineer's home computer hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud...

Application Security

GitHub this week announced the revocation of three certificates used for the GitHub Desktop and Atom applications.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Data Breaches

GoTo said an unidentified threat actor stole encrypted backups and an encryption key for a portion of that data during a 2022 breach.

Funding/M&A

Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.