The Information Commissioner’s Office (ICO), U.K.’s data protection watchdog, announced it was fining British Airways 20 million pounds ($20 million), for a data breach in which the personal details of 400,000 customers were leaked. The ICO found that British Airways should have identified weaknesses in its security and resolved them with measures available at the time, which would have prevented the data breach.
The regulator said its investigators found that British Airways did not detect the attack on June 22, 2018, but was alerted by a third party more than two months later, on Sep. 5.
The penalty was far less than the 183.4 million pounds the ICO proposed in 2019 – in part reflecting the crisis many airlines are is now facing due to COVID-19.
Read more about it here.