British Airways has been fined £20 MN by the Information Commissioner’s Office (ICO) in a data breach scam that compromised the information of more than 400,000 customers. “A significant amount of personal data without adequate security measures in place” was being processed by the UK’s leading airliner company that eventually led to data protection law violation resulting in a cyberattack in 2018 that escaped scrutiny for approximately almost 2 months, according to the watchdog ICO.
In its official report, the ICO said that it fined BA after identifying glitches with respect to security measures, which, otherwise, would have prevented the 2018 cyberattack. The ICO investigators ultimately concluded that British Airway’s failure to safeguard customers' personal and sensitive information violated data protection law and deserve a penalty.