Record fine for inadequate IT security measures

Published: 24.08.2022

Reading time: about < 1 minute

The British Information Commissioner’s Office intends to impose a fine of almost 250 million euros on British Airways. This was triggered by a hacker attack, as a result of which personal data of around 500,000 customers became accessible to third parties without authorization. During its investigations, the supervisory authority found inadequate IT security measures, which allowed access to credit card data, travel data, and login data, among other things. The fine is the equivalent of 1.5% of British Airways’ annual revenue from 2017. British Airways intends to fight the fine with all means at its disposal. The opinion of the supervisory authority can be found here.

British Airways is also facing various claims for damages from those affected. Consumer advocates are planning a class action lawsuit and expect damages of about £5,000 per affected person.

20.03.2024

Management Assistant / Accounting (m/f/d)

We are specialized lawyers for advice on data and data...

Record fine for inadequate IT security measures

Related articles

Management Assistant / Accounting (m/f/d)

New website launched

Introduction of the right of associations to sue for data protection

Audit by the Bavarian State Office for Data Protection Supervision

New BDSG: Cabinet draft approved

In-house training on the General Data Protection Regulation