British Airways faces 20 million EUR GDPR fine after a data breach
ICO, the UK data protection authority fines British Airlines a record 20 million EUR (GBP 183 million) over last years data breach.
They stole data from about 500.000 users including
- login information
- credit card data
- travel booking details
After announcing the fine, the Information Commissioner Elizabeth Denham said that the loss of personal data “is more than an inconvenience”.
Earlier a fine of 200 Million GBP was considered. The fine for BA would amount to 1.5% of its 2017 revenue.
British Airways has 28 days to appeal the ruling before its made final.
The fine was lowered by the data protection authority. Instead of 200 million euro, the company has to pay “only” 22.5 million euro.
Type of Issue:
Theft of Data
Number of involved data records:
Special category of data involved:
Violation of GDPR Paragraph:
32. Security of processing