Cyprus Mail 16 October 2020 - by Reuters News Service
BA fined 20 million pounds by ICO. Photo by Hannah McKayBritain’s data protection watchdog said on Friday it has fined British Airways 20 million pounds – its biggest such penalty to date – for failing to protect data that left more than 400,000 of its customers’ details the subject of a 2018 cyber attack.
The Information Commissioner’s Office (ICO) said its investigators found BA should have identified weaknesses in its security and resolved them with measures available at the time, which would have prevented the data breach.
“Their failure to act was unacceptable and affected hundreds of thousands of people, which may have caused some anxiety and distress as a result,” the ICO said.
BA said in a statement that it had alerted customers as soon as it became aware of the attack.
The penalty was considerably less than the 183.4 million pounds the ICO proposed last year – in part reflecting the crisis the airline industry is now facing due to COVID-19.
Still, shares in BA’s Anglo-Spanish parent IAG ICAG.L slid to session lows following the announcement. By 0917 GMT, they were 3% lower at 93.2 pence.
“This was considered to be a severe failing because of the number of people affected and because any potential financial harm could have been more significant,” it said.
Other major cyber incidents in the recent past include another London-listed airline, easyJet EZJ.L, which earlier this year said hackers had accessed the email and travel details of around 9 million customers.
U.S. hotel operator Marriott International MAR.O in March suffered its second data incident in less than two years, with information of about 5.2 million its hotel guests suffering a breach.
0 Comments:
Yorum Gönder