British Airways fined £20m over data breach

2020/10/26 20:11

Today's Vocabulary

1. breach (v)
an act of breaking a law, promise, agreement, or relationship

2. incident (n)
an event that is either unpleasant or unusual

3. alerted (v)
to warn someone of a possibly dangerous situation

4. subsequent (adj)
happening after something else

5. authenticate (v)
to prove that something is real, true, or what people say it is

6. measures (n)
a way of achieving something, or a method for dealing with a situation

7. compromised (v)
to accept that you will reduce your demands or change your opinion in order to reach an agreement with someone

British Airways fined £20m over data breach

British Airways has been fined £20m ($26m) by the Information Commissioner’s Office (ICO) for a data breach which affected more than 400,000 customers. The breach took place in 2018 and affected both personal and credit card data.

The incident took place when BA’s systems were compromised by its attackers, and then modified to harvest customers’ details as they were input. It was two months before BA was made aware of it by a security researcher, and then notified the ICO.

The data stolen included log in, payment card and travel booking details as well name and address information. A subsequent investigation concluded that sufficient security measures, such as multi-factor authentication, were not in place at the time.

 The ICO noted that some of these measures were available on the Microsoft operating system that BA was using at the time.

 “When organisations take poor decisions around people’s personal data, that can have a real impact on people’s lives. The law now gives us the tools to encourage businesses to make better decisions about data, including investing in up-to-date security,” said Information Commissioner Elizabeth Denman.

British Airways said it had alerted customers as soon as it had found out about the attack on its systems.

 “We are pleased the ICO recognises that we have made considerable improvements to the security of our systems since the attack and that we fully co-operated with its investigation,” said a spokesman.

  “It shows the ICO means business and is not letting struggling companies off the hook for their data protection failures,” he said.

  1. How much do you worry about your private information online?

  2. What images are in your mind when you hear the word “ online”?

  3. How much do you trust online companies with your data?

“All human beings have three lives: public, private, and secret.”

Gabriel García Márquez