|
Fined £ 183 million for data breach last year
https://www.bbc.co.uk/news/business-48905907 British Airways says it is facing a record fine of £183m for last year's breach of its security systems. The airline, owned by IAG, says it was "surprised and disappointed" by the penalty from the Information Commissioner's Office (ICO). At the time, BA said hackers had carried out a "sophisticated, malicious criminal attack" on its website. The ICO said it was the biggest penalty it had ever handed out and the first to be made public under new rules The General Data Protection Regulation (GDPR) came into force last year and was the biggest shake-up to data privacy in 20 years. The penalty imposed on BA is the first one to be made public since those rules were introduced and amounts to 1.5% of its worldwide turnover in 2017, less than the possible maximum of 4%. Until now, the biggest penalty was £500,000, imposed on Facebook for its role in the Cambridge Analytica data scandal. That was the maximum allowed under the old data protection rules that applied before GDPR. BA has 28 days to appeal. Willie Walsh, chief executive of IAG, said British Airways would be making representations to the ICO. "We intend to take all appropriate steps to defend the airline's position vigorously, including making any necessary appeals," he said. BA has previously said approximately 380,000 transactions were affected, but the stolen data did not include travel or passport details. The information included names, email addresses, credit card information such as credit card numbers, expiration dates and the three-digit CVV code found on the back of credit cards, although BA has said it did not store CVV numbers. The incident was first disclosed on 6 September 2018. Alex Cruz, British Airways' chairman and chief executive, said: "We are surprised and disappointed in this initial finding from the ICO. "British Airways responded quickly to a criminal act to steal customers' data. We have found no evidence of fraud/fraudulent activity on accounts linked to the theft. "We apologise to our customers for any inconvenience this event caused." |
I have to disagree with Alex Cruz stolen data has not led to fraud/fraudulent activity. Recently, I had a flurry of fraudulent transactions on a UK credit card that had been used to book flights via the BA website at the time of the data breach. None of my other UK cards or my Spanish, none of which I had used with BA, have been subject to similar fraudulent activity. From this, I can only draw the conclusion that the BA data breach was the source of the data used.
|
Originally Posted by FFHKG
(Post 10512719)
I have to disagree with Alex Cruz stolen data has not led to fraud/fraudulent activity. Recently, I had a flurry of fraudulent transactions on a UK credit card that had been used to book flights via the BA website at the time of the data breach. None of my other UK cards or my Spanish, none of which I had used with BA, have been subject to similar fraudulent activity. From this, I can only draw the conclusion that the BA data breach was the source of the data used.
Cruz didn't say that there had been no fraudulent activity, but that BA hadn't found any evidence of any. |
FFHKG. Whilst you may be correct, you have not stated that the credit card used on the BA website has not been used at any time before/since for any other transactions. A bit of leap to come to the conclusion you have done. As suggested above, if you think BA was the source, the appropriate action is to inform them and request they investigate. |
I see this as a shot across a lot of people's bows using the new penalties - everyone has heard of BA and that fine is eye watering to a lot of outfits
It'll get a lot of attention - which is the idea I suppose |
It would be extremely difficult for an individual to prove that BA's website issue led to fraud or provide anything that is evidence of this incident being a cause - and BA's lawyers are well aware of this.
One would have to show audit logs that a) the gang stole the details of the card in question (not just that they had the means to do so), b) that the card in question is in the audit log showing which card details were then sold on and c) that the next gang were the ones who used the card to make an unauthorised purchase. Any gang capable of hacking BA will most certainly have known to cover their tracks and take precautions against any data snooping (ie maximum encryption everywhere). Audit logs proving the transfer of card details will probably not exist; if they exist they will be encrypted; even if one has the password, one would need to go through Interpol to obtain the logs - and diplomatic relations at the moment may prevent this As a private individual, you can complain to BA, but the PR people will not budge easily and it will be very difficult to prove definitively any blame against BA - the most one can do is show BA were lax in their handling of personal data and throw the GDPR book against them |
BA today announced that they ware bringing forward the start of A350-1000 long haul operations and begin operating to DXB on 2nd September. A350 ops to DXB had originally been planned to start 8th October. |
British Airways pilots have voted in favour of strike action in a dispute over pay, threatening a walkout over the key summer holiday period.The British Airline Pilots' Association (Balpa) said 93% of its members had voted in favour of industrial action.
The union said it did not yet have any dates for a potential strike, adding it hopes the dispute can be resolved. A strike would be likely to cause severe disruption, as Balpa represents about 90% of the airline's pilots. BBC News |
talking about August 6th for kic
Question is will BA settle quickly to minimize damage or decide to slug it out? |
Round One
Headline reads: BA loses legal action against pilot strikes |
"We are not seeing any evidence of the Brexit impact," said Willie Walsh, chief executive of BA parent IAG, during a results briefing today. He acknowledges that Ryanair and other airlines have warned how their operations could be affected, especially by a no-deal Brexit. But he insists: "We don't see any impact on bookings or the profile of bookings going forward in terms of the visibility that we have." Walsh suspects that BA's heavy reliance on London and the UK southeast may be one explanation for the carrier's apparent resilience. "Maybe… we are not exposed to the whole of the UK as they [competitors] would be," he says. |
https://metro.co.uk/2019/08/05/briti...abin-10523587/ MEDN evacuated in VLC due to smoke in the cabin. |
BA still not learnt their lesson about their truly awful IT set up. More flights canx and delyaed due to a 'glitch'. They need to bite the bullet and spend money to fix this. They have to learn that they are an IT company who operate aircraft.
|
Quite. Was on the 0915 from EDI into LHR (sorry still on at 1515) and stuck outside T4 awaiting steps and bus back to T5. Captain has no idea what is happening. Shambles |
Looks like LH group will go after BA's America business as they will lauch several new routes next summer from FRA, MUC and ZRH. We'll see if there might be any impact on BA's LHR flights.
https://newsroom.lufthansagroup.com/...f-626f45321874 https://swiss.newsmarket.com/english...b-9f0bf8ff265c |
Originally Posted by PAXboy
(Post 10539048)
BA still not learnt their lesson about their truly awful IT set up. More flights canx and delyaed due to a 'glitch'. They need to bite the bullet and spend money to fix this. They have to learn that they are an IT company who operate aircraft.
|
The people who do the IT for BA who are based in India - are they employees of a BA contolled company, or do they work instead for one of the outsourcing providers instead ? An employee of (for example) Infosys cares far more about what Infosys wants - and has little or no incentive to make an effort to help BA beyond what is on the written contract agreed between their employer (Infosys) and BA
|
i think its outsourced .ie. non directly employed labour
|
Yes, I know they outsourced and it has been discussed in various places. They have failed to understand - as countless big companies have - what has changed. They see the IT as an adjunct when it is central. I worked in telecommunications and IT for 27 years starting in 1978. I saw how companies came to rely more on their systems but treated the staff as if they were still doing 'some batch processing overnight'. I even recall one Data Centre manager at a plc you would all know (not BA), who did not like having PCs in his centre as they were not proper computers.
|
Originally Posted by davidjohnson6
(Post 10539329)
The people who do the IT for BA who are based in India - are they employees of a BA contolled company, or do they work instead for one of the outsourcing providers instead ? An employee of (for example) Infosys cares far more about what Infosys wants - and has little or no incentive to make an effort to help BA beyond what is on the written contract agreed between their employer (Infosys) and BA
This was another Alex Cruz cost cutting measure and it’s safe to say this was a massive own goal.. the ironic thing is they’ve not saved a penny with all the issues it has caused and it hasn’t given BA any positive publicity at all. |
| All times are GMT. The time now is 12:10. |
Copyright © 2024 MH Sub I, LLC dba Internet Brands. All rights reserved. Use of this site indicates your consent to the Terms of Use.