British Airways Faces Record GDPR Fine For Card Data Leak

The UK’s Information Commissioner’s Office (ICO) plans to impose a fine of £183m on British Airways for last year’s leak of sensitive customer data, the first such flexing of the regulator’s abilities under new data protection laws.

It emerged in September last year that 380,000 British Airways customers had their payment details lifted from the airline’s website in a cyber-attack, including CVV numbers that should not be stored by retailers offering card-on-file payments.

Request a Free Trial

As a trusted source of regulatory intelligence for the global payments industry, we enable organisations to manage the growing volume and velocity of regulatory risk with confidence, empowering more informed and effective decision making, in an efficient and cost-effective way.

Take a Trial