British Airways is to pay a £20m data protection fine after its 2018 Magecart hack – even though the Information Commissioner’s Office discovered the airline had been saving credit card details in plain text since 2015.
The fine, announced this morning by the UK's data watchdog, is almost exactly at the reduced £19.8m level that BA parent company the International Airlines Group had expected back in August.
“The failures are especially serious in circumstances where it is unclear whether or when BA itself would ever have detected the breach,” thundered the ICO today. It also condemned BA’s claims during fine negotiations that credit card data breaches are “an entirely commonplace phenomenon” and “an unavoidable fact of life”.
The airline's spokesman told The Register: “We alerted customers as soon as we became aware of the ..
Support the originator by clicking the read the rest link below.
