Skip to main content

BA hit with £20m fine over 2018 data hack

BRITISH AIRWAYS has been fined £20 million over a 2018 data hack which breached the details of 400,000 customers, the Information Commissioner’s Office (ICO) announced yesterday.

Investigators found the airline should have identified the security weaknesses which enabled the attack to take place.

The ICO said that the carrier had failed to protect the personal and financial details of the affected customers.

BA did not detect the hack for more than two months.

Information Commissioner Elizabeth Denham said: “People entrusted their personal details to BA, and BA failed to take adequate measures to keep those details secure.

“Their failure to act was unacceptable and affected hundreds of thousands of people, which may have caused some anxiety and distress as a result.

“That’s why we have issued BA with a £20 million fine — our biggest to date.”

However, this is a fraction of what BA was initially fined, £183m, reduced partly because of the airline’s financial position following Covid-19.

A BA spokeswoman said: “We alerted customers as soon as we became aware of the criminal attack on our systems in 2018 and are sorry we fell short of our customers’ expectations.”


We're a reader-owned co-operative, which means you can become part of the paper too by buying shares in the People’s Press Printing Society.

Become a supporter

Fighting fund

You've Raised:£ 16,455
We need:£ 1,545
9 Days remaining
Donate today