ICO fines surge by 1580% in 2020 – 2021
ICO, the Information Commissioner’s Office, issued a cumulated amount of penalty notices of £42m during 2020 – 2021. During this period, there was an increase of 1580% in fines compared to the previous financial year. Amongst the recipients of some of the biggest fines are British Airways, which received a £20m fine due to deficient technical and organisational measures and Mariott International, which received a £18.4m fine over a data breach.Read More on Infosecurity Magazine
British Airways has settled a 2018 data breach
British Airways suffered a data breach in 2018, when 420,000 of its staff and customers were victims of a personal information leak. The case has just been settled and victims are expected to receive a confidential compensation after mediation.Read more about this on Reuters
Exemplary cooperation between European data protection authorities, CNIL underlines
CNIL, the French DPA, comments on the recent fines issued by the UK DPA (the ICO) against Marriott and British Airways which are, so far, the highest fines ever issued for GDPR violations. The CNIL underlines on its website that in application of the cooperation mechanism provided for by the GDPR, the “one-stop shop”, the ICO draft decisions were sent to other European data protection authorities and hence were carefully examined by the CNIL.
ICO fines British Airways £20m for data breach affecting more than 400,000 customers
The website of the Information Commissioner’s Office (ICO) reports that the Authority has fined British Airways (BA) £20m for failing to protect the personal and financial details of more than 400,000 of its customers.
An ICO investigation found the airline was processing a significant amount of personal data without adequate security measures in place. This failure broke data protection law and, subsequently, BA was the subject of a cyber-attack during 2018, which it did not detect for more than two months.
ICO investigators found BA ought to have identified weaknesses in its security and resolved them with security measures that were available at the time.
British Airways may have another security problem already
ICO statement: Intention to fine British Airways £183.39m under GDPR for data breach
Page 1 of 1