Britain’s information commissioner has fined British Airways 20 million pounds ($25 million) for failing to protect personal data for some 400,000 customers, the largest fine the agency has ever issued.
The ICO said in a statement Friday that the airline was processing personal data without adequate security measures. It also noted that it did not detect a 2018 cyber attack for two months.
Information Commissioner Elizabeth Denham said says BA’s “failure to act was unacceptable and affected hundreds of thousands of people, which may have caused some anxiety and distress as a result.”
Under the European Union’s General Data Protection Rules imposed in 2018, organizations face fines of up to 20 million euros ($23 million) or 4% of annual global turnover — whichever is greater — for the most serious violations.
Related: Former Contractor Sentenced to Prison for Hacking British Airline Jet2
Related: British Airways Faces $230 Million Fine for 2018 Breach
Related: British Airways Criticized for Exposing Passenger Flight Details
Related: British Airways, Another Victim of Ongoing Magecart Attacks
More from Associated Press
- Minister: Cybercrimes Now 20% of Spain’s Registered Offenses
- UN Experts: North Korean Hackers Stole Record Virtual Assets
- Germany Appoints Central Bank IT Chief to Head Cybersecurity
- US Downs Chinese Balloon Off Carolina Coast
- Microsoft: Iran Unit Behind Charlie Hebdo Hack-and-Leak Op
- Feds Say Cyberattack Caused Suicide Helpline’s Outage
- Big China Spy Balloon Moving East Over US, Pentagon Says
- China Says It’s Looking Into Report of Spy Balloon Over US
Latest News
- Minister: Cybercrimes Now 20% of Spain’s Registered Offenses
- Skybox Security Raises $50M, Hires New CEO
- Spies, Hackers, Informants: How China Snoops on the US
- Australian Man Sentenced for Scam Related to Optus Hack
- Chrome 110 Patches 15 Vulnerabilities
- Application Security Protection for the Masses
- Tor Network Under DDoS Pressure for 7 Months
- Siemens License Manager Vulnerabilities Allow ICS Hacking
