Home > News > ICO proposes £184M fine for British Airways in first major GDPR sanction

ICO proposes £184M fine for British Airways in first major GDPR sanction

The Information Commissioner’s Office (ICO), the UK’s data protection supervisory authority, today announced that it has provisionally determined that British Airways (BA) must pay a substantive fine for breach of the GDPR, in relation to a data breach that BA suffered in June 2018.  The reports state that the incident in part involved user traffic to the BA website being diverted to a fraudulent site, as a result of which customer details were harvested by the attackers. Personal data of approximately 500,000 customers were compromised in this incident.

Read more