The UK’s data privacy watchdog on Friday slashed a fine imposed on British Airways over a cyber attack after taking into account coronavirus fallout on the embattled airline’s finances.
The UK Information Commissioner’s Office said BA would be fined a “record” £20 million ($25 million, 22 million euros), considerably less that the proposed amount totalling £183 million.
“As part of the regulatory process the ICO considered both representations from BA and the economic impact of Covid-19 on their business before setting a final penalty,” the watchdog said in a statement.
The proposed amount was announced in July last year after computer hackers in 2018 stole bank details from hundreds of thousands of British Airways passengers.
The ICO on Friday repeated its finding that BA had infringed European Union data protection rules, or GDPR.
“Because the BA breach happened in June 2018, before the UK left the EU, the ICO investigated on behalf of all EU authorities as lead supervisory authority under the GDPR,” Friday’s statement said.
British Airways, which is slashing thousands of jobs as the coronavirus pandemic decimates demand for air travel, surprised markets on Monday by announcing the sudden departure of chief executive Alex Cruz.