Commenting on today’s news that the Information Commissioner’s Office (ICO) will be fining British Airways £183.4m following its data breach in 2018, Kingsley Hayes, managing director at data breach and cyber security specialist Hayes Connor Solicitors, said:
“The ICO has sent a clear message to all businesses – follow the law and protect customers’ personal information or pay a hefty penalty. Hayes Connor is representing hundreds of British Airways customers whose personal information was violated – including login details, payment card information, names and addresses.
“Placed in the wrong hands, these details can be used to obtain credit fraudulently causing havoc, significant financial loss and psychological distress to those affected. Reports state that the international airline will be appealing the decision claiming that it had found no evidence of any financial loss to date as a result of the harvesting of 500,000 customers’ details.
“It is unlikely that this appeal will stand as hackers with this much stolen data are likely to use it in batches over time. In the meantime, the stress and anxiety suffered by affected customers is significant.
“Organisations have a legal obligation to take all the necessary measures to adequately protect the personal information held by them – this includes implementing robust cyber security to prevent hackers from obtaining private data as was the case with British Airways.”