[BreachExchange] Law firm lands compensation for BA customers over 2018 data breach

[Sophia Kingsbury]

https://www.msn.com/en-gb/money/news/law-firm-lands-compensation-for-ba-customers-over-2018-data-breach/ar-AALOVMP

British Airways has reached a settlement to resolve a class action lawsuit
over a data breach in 2018 involving the personal and financial details of
hundreds of thousands of customers.

The terms of the deal were kept confidential and the airline did not admit
liability but it is understood claimants involved in the case brought by
law firm PGMBM are to receive a payout.

It relates to an admission by the airline in September 2018 that customer
details had been compromised by hackers in a data theft between 21 August
and 5 September.

The number of people affected was later found to be 420,000 customers and
staff.

Names, debit and credit card numbers, addresses and email addresses were
among details exposed in the incident.

Some passengers were diverted to a fake website, which harvested their data.

A subsequent investigation by the Information Commissioner's Office (ICO)
found BA, at that time, was "processing a significant amount of personal
data without adequate security measures in place".

It recommended a fine of more than £180m though a sum of £20m was later
imposed.

PGMBM had revealed in January that the airline could face customer claims
totalling £800m - with payouts of up to £2,000 per person.

It had signed up 16,000 people to its claim against BA at that time.

The airline welcomed the settlement while Harris Pogust, PGMBM's chairman,
said: "We are very pleased to have come to a resolution on this matter
after constructive mediation with British Airways.

"This represents an extremely positive and timely solution for those
affected by the data incident."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20210706/586ef921/attachment.html>