The Daily mail has reported that British Airways (BA) customers could be able to sue the airline over a data breach.
In September 2018, BA suffered a massive cyber-attack on its system.
The investigation into the incident, carried out by the Information Commissioners Office (ICO), found that half a million of their customers have been affected.
According to the ICO, personal details were compromised by the breach, including home addresses, customers’ names, payment cards and much more.
As part of the scam, customers were diverted to a fraudulent website, where their details were gathered by the hackers.
In 2018, the airline started contacting the affected individuals.
Despite the steps taken by the airline, the ICO has announced that the airline might be imposed with a staggering fine of over £183million.
At the time of its announcement, this would be the largest penalty handed out by the watchdog. It is also the first one to be made public since the enforcement of new rules.
In May 2019, the General Data Protection Regulation (GDPR) was introduced. This means that for data breaches, companies can be fined up to 4% of their annual turnover.
The £183 million proposed fine for BA represents 1.5% of their annual turnover.
On 4 October of this year, Mr Justice Warby granted a group litigation order at a hearing in London. This paves the way for a mass legal action against BA.
The judge has granted a window of 15 months for people to come forward and join the group litigation.
The chairman and chief executive of British Airways, Alex Cruz, has disagreed with the ICO’s initial findings, stating that the airline responded quickly to the breach.
The BA also found ‘no evidence of fraud or fraudulent activity on accounts linked to the theft’. (Alex Cruz quoted from The Daily Mail article).
Unfortunately for the British Airways, the law is clear on the issue. When a firm is entrusted with people’s personal data, the information must remain protected.
If you are a costumer that has been affected by the data breach, the airline should have contacted you.
Passengers who made booking between 21 August 2018 and 5 September 2018 via the website or app are the ones affected.
While BA have been reimbursing customers who have suffered ‘direct financial losses’ and offered ‘credit rate monitoring’, customers can rightfully receive compensation for non-material damage such as distress and inconvenience caused by the data leak.
If you’ve been affected by the breach and would like to join the legal action the BA, contact our experts now.