BA may pay only £20m for data breach

The Daily Telegraph - Business - - Front Page - By Michael Cog­ley

BRI­TISH AIR­WAYS ex­pects the £183m fine for breach­ing data rules to be writ­ten down by al­most 90pc.

The In­for­ma­tion Com­mis­sioner’s Of­fice sig­nalled its in­ten­tion to fine the air­line in July last year af­ter hun­dreds of thou­sands of cus­tomers’ fi­nan­cial de­tails were stolen dur­ing a cy­ber­at­tack in 2018. The ICO said the air­line was com­pro­mised by “poor se­cu­rity ar­range­ments” when it un­veiled the penalty – one of the first of its kind fol­low­ing the in­tro­duc­tion of the GDPR rules.

BA ex­pects the fine to be re­duced con­sid­er­ably, a state­ment in­cluded in the in­terim re­sults of par­ent com­pany IAG said on Fri­day.

IAG said there had been an ex­cep­tional ex­pense of €22m (£20.1m) set aside in re­la­tion to the “theft of cus­tomer data at Bri­tish Air­ways

in 2018”. The com­pany said it was man­age­ment’s “best es­ti­mate” of the amount of “any penalty is­sued by the ICO” and that the process was “on­go­ing”.

Judy Krieg, pri­vacy part­ner at law firm Field­fisher, said the fig­ure did not “come out of thin air”.

An ICO spokesman said: “The reg­u­la­tory process is on­go­ing and we will not be com­ment­ing un­til it has con­cluded.”

Newspapers in English

Newspapers from UK

© PressReader. All rights reserved.