Data Protection Academy » Data Protection News » First fine after introduction of the GDPR in the UK hits British Airways

DSGVO Fine British Airways

First fine after introduction of the GDPR in the UK hits British Airways

Date: 08.07.2019

Responsible body: British Airways

Type of data breach: personal data were stolen

First fine after the introduction of the GDPR in the UK hits British Airways. In the summer of 2018, customer data was allegedly redirected from the British Airways website to a site run by the fraudsters. In the process individual-related data such as credit card and address data were stolen. Due to "weak security precautions", around 500,000 customers were affected, according to the authority.

Categories of data concerned: Travel data, credit card data, identity card data, passport data

Legal classification: British Airways has reported the data breach itself

Country: Great Britain

Fines: 183.39 million British pounds (just under 205 million euros)

SourceMirror

Back to the overview of the data breaches

Nadine Porrmann
Latest posts by Nadine Porrmann (see all)

This might interest you too:

Examples of GDPR fines: what happens in data protection

GDPR infringements are punished with heavy fines. Find out which data protection infringements are suspected and secure yourself.

Data protection fine imposed on the Municipality of Oslo Education Authority

120.000 € because the security of the app "Skolemelding" for communication between school staff, parents and pupils was not guaranteed.

Data protection fine Swedish company

35,000 euros fine for violation of three Swedish laws at once. Information about creditworthiness published.