The Information Commissioner’s Office of UK (ICO) fined $230 million to the owner of British Airways IAG over the data theft from 5 lac customers from its official website last year. The ICO recommended a fine of 183.4 million pounds or 1.5% of 2017 worldwide turnover of British Airways for its data hack which it stated exposed inadequate arrangements of security at the airline.
On the other side, British Airways planned to do a petition against the penalty, the European data protection rules, termed GDPR that becomes functional in 2018. They allow the regulator bodies to fine organizations over 4% of their worldwide turnover for the failures in the data protection.
According to the statement of ICO, the involved attack stream of traffic to the BA website actuality diverted to any other fraudulent website. And the details of customers like, payment card, log in, names, address as well as booking details shared.
Elizabeth Denham, the Information Commissioner, shares her views that personal data of people is just as personal and it should not leak in such a way. Moreover, when a firm flop to guard it against loss, theft, or damage, it is over an inconvenience. That is the reason the law is very transparent when any company entrusted with the user’s personal data; it must look after it.
Alex Cruz, Chairman and CEO of British Airways, said that he got disappointed and surprised due to the proposed fine. He said that his airline reacted instantly to the criminal act of theft customer’s data. The officials of airline found no proof of fraudulent/fraud activity on accounts associated with the theft.
The move of IAG over the Penalty
CEO of parent firm IAG, Willie Walsh said that British Airways might make representations to the Information Commissioner’s Office regarding the proposed penalty. He added they aim to take all possible moves to defend the position of airline actively that may also involve any required appeals.
After the announcement of the penalty to British Airways, the IAG shares fell 0.8% – 452.7 pence at 0810 GMT. Gerald Khoo, the analyst at broker Liberum, explained that the proposed penalty is equal to nine pence per share of IAG.
He said that IAG has over sufficient liquidity to overcome the fine 2018 Dec cash 3.8 billion euros, overall liquidity 6.3 billion euros, the fine is still substantial. On behalf of other regulators of Europe the ICO also investigated British Airways, also have authority to impose penalties over 500,000 under former rules. In 2018, the ICO also fined Facebook 500,000 pounds for violation of data protection law.