Security News > 2021 > July > British Airways Settles Class Action Over 2018 Data Breach

British Airways has settled a class action brought by individuals impacted by the data breach suffered by the company in 2018, but terms of the settlement have been kept private.

Stolen information in the case of British Airways included names, payment card data, addresses, and email addresses.

The UK's data protection regulator, the Information Commissioner's Office, initially intended to fine British Airways a total of £183.39 million, but in 2020 it announced that the fine would be reduced to £20 million, which was still described by the agency as a record fine.

BA's legal problems related to the 2018 data breach might not be over.

"British Airways' agreement to settle some of the data breach cases confirms what we already know - that the airline acknowledges that it must pay compensation to the victims of the cyberattack despite having settled without an admission of liability. BA has continually denied liability for claims, but now it should publicly admit what its lawyers must privately have advised them; that it is liable for this data breach and the distress caused to victims and must pay appropriate damages."

"The case law and our own figures for settled cases - having now recovered over £1m in damages for primarily individual data breach claims - tells us what BA refuses to accept: that pay-outs could be much more than what they have wanted to settle for. We will continue to fight for an appropriate level of damages to be awarded to our clients, and we hope that the first round of settlements will give victims the confidence to come forward and hold the airline to account."

News URL

http://feedproxy.google.com/~r/securityweek/~3/137-mOznkqg/british-airways-settles-class-action-over-2018-data-breach