British Airways have been fined £20 million by the Information Commissioner’s Office (ICO) following a data breach from 2018 which affected 400,000 customers. The 2018 breach affected customers confidential personal and credit card data. The incident happen when British Airway’s systems were compromised by attackers, who modified customer details when they were inputted in order to harvest them.
ICO originally intended to fine British Airways £183 million in 2019 over this issue, however, they have revoked this, and reduced the fine to £20m ($26m). ICO said that they have taken the ‘economic impact of Covid-19’ into consideration which has lead to the reduction in the fine. However, despite these reductions, this fine British Airways has been faced with is the largest penalty the ICO has ever issued.