Welcome to the new morningstar.co.uk! Learn more about the changes and how our new features help your investing success.

IAG's British Airways Customers Granted Data Breach Compensation Claim

(Alliance News) - Thousands of British Airways customers have been given the go ahead to bring ...

Alliance News 4 October, 2019 | 6:58PM
Email Form

(Alliance News) - Thousands of British Airways customers have been given the go ahead to bring compensation claims against the airline at the UK High Court over a data breach.

Justice Warby granted a group litigation order at a hearing in London on Friday, paving the way for a mass legal action against International Consolidated Airlines Group SA-owned BA.

The airline suffered a cyber attack on its systems, which an investigation by the UK Information Commissioners Office found affected about 500,000 customers.

Personal details, including payment data and addresses, were compromised by the hack, according to the ICO.

Part of the scam involved passengers being diverted to a fake website, through which their details were harvested by the attackers.

The airline informed the ICO and began to contact affected customers when it discovered the breach in September 2018.

There are currently more than 5,000 affected customers being represented by SPG Law and a further 230 represented by Your Lawyers Ltd, who are bringing claims for compensation.

But the potential number of claimants is much larger and the judge granted a window of 15 months from the hearing on Friday for people to join the group litigation. Aman Johal, director of Your Lawyers, said: "Today's grant of a group litigation order is a key step towards justice for the hundreds of thousands of victims of the British Airways data breach scandal."

The ICO announced its intention in July this year to impose a record fine of more than GBP183 million on BA over the breach, which is believed to have started in June 2018.

A spokesman for the watchdog said at that time that the proposed fine would be the largest it has handed out and the first to be made public since new rules came into force.

The General Data Protection Regulation came into force in May last year and means firms can be fined up to 4% of annual turnover for data breaches.

The proposed fine represents 1.5% of BA's annual turnover.

The ICO's investigation found that a variety of information was compromised by "poor security arrangements", including log in, payment card and travel booking details as well as customers' names and addresses.

In a statement after the fine was announced, Information Commissioner Elizabeth Denham said: "People's personal data is just that – personal.

"When an organisation fails to protect it from loss, damage or theft it is more than an inconvenience.

"That's why the law is clear – when you are entrusted with personal data you must look after it.

"Those that don't will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights."

Alex Cruz, British Airways' chairman and chief executive, said at the time that the airline was "surprised and disappointed" in the ICO's initial finding.

He added: "British Airways responded quickly to a criminal act to steal customers' data.

"We have found no evidence of fraud/fraudulent activity on accounts linked to the theft.

"We apologise to our customers for any inconvenience this event caused."

By Sian Harrison, PA

source: PA

Copyright 2019 Alliance News Limited. All Rights Reserved.

Email Form

Securities Mentioned in Article

Security Name Price Change (%) Morningstar
Rating
International Consolidated Airlines Group SA 548.60 GBX -1.58 -

About Author

Alliance News

Alliance News provides Morningstar with continuously updating coverage of news affecting listed companies.

Audience Confirmation


By clicking 'accept' I acknowledge that this website uses cookies and other technologies to tailor my experience and understand how I and other visitors use our site. See 'Cookie Consent' for more detail.

  • Other Morningstar Websites