New Delhi -°C
Today in New Delhi, India

Sep 22, 2019-Sunday
-°C

Humidity
-

Wind
-

Select city

Metro cities - Delhi, Mumbai, Chennai, Kolkata

Other cities - Noida, Gurgaon, Bengaluru, Hyderabad, Bhopal , Chandigarh , Dehradun, Indore, Jaipur, Lucknow, Patna, Ranchi

Sunday, Sep 22, 2019

British Airways fined £183m over computer theft of passenger data

Using new rules to prevent and impose fines for data breach, Britain’s information regulator on Monday announced a record £183.39 million fine on British Airways (BA) for a 2018 breach that led to its website users diverted to a fraud site.

world Updated: Jul 08, 2019 17:08 IST
Prasun Sonwalkar
Prasun Sonwalkar
Hindustan Times, London
British Airways has been fined more than £183 million after computer hackers stole bank details from passengers.
British Airways has been fined more than £183 million after computer hackers stole bank details from passengers.(AFP Photo)
         

Using new rules to prevent and impose fines for data breach, Britain’s information regulator on Monday announced a record £183.39 million fine on British Airways (BA) for a 2018 breach that led to its website users diverted to a fraud site.

The highest fine so far was £500,000 imposed on Facebook for its role in the Cambridge Analytica scandal, but the Information Commissioner’s Office (ICO) used new norms under the General Data Protection Regulations (GDPR) that came into force across the EU in 2018 to fine BA.

The ICO’s announcement is an ‘intention to fine’ the amount. BA has 28 days to appeal against it. The airline said it had apologised to customers and would appeal and defend its position vigorously.

BA said the issue arose after hackers carried out what it called a “sophisticated, malicious criminal attack”, adding it is “surprised and disappointed” by the fine. Details of 5 lakh customers were harvested by the fraudulent site, the ICO said.

The ICO’s investigation found that a variety of information was compromised by poor security arrangements at the company, including log in, payment card, and travel booking details as well name and address information.

Information commissioner Elizabeth Denham said: “People’s personal data is just that – personal. When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience”.

“That’s why the law is clear – when you are entrusted with personal data you must look after it. Those that don’t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights”.

The GDPR came into force following a major shake-up of privacy laws, which increase fines for data breach up to 4 per cent of a company’s turnover.

Also read | British Airways says will follow US guidance to avoid parts of Iranian airspace

First Published: Jul 08, 2019 12:54 IST