According to BBC News, the UK’s privacy regulator, the Information Commissioner’s Office (ICO), has fined British Airways a record £183 million (US$229 million) fine for a data breach that is believed to have occurred starting in June 2018.
The ICO stated the incident took place after users of British Airways’ website were diverted to a fraudulent site. Through this false site, details of about 500,000 customers were harvested by the attackers, the ICO stated.
The ICO stated that the information leaked included log in, payment card, and travel booking details as well name and address information.
British Airways has cooperated with the regulator according to the ICO and made improvements to its security arrangements.
Information Commissioner Elizabeth Denham said, “People’s personal data is just that – personal. When an organisation fails to protect it from loss, damage or theft, it is more than an inconvenience.
“That’s why the law is clear – when you are entrusted with personal data, you must look after it. Those that don’t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.”
Full Content: BBC News