British Airways settles with 2018 data breach victims
Topics: BRITISH AIRWAYS
The UK mediation between legal representatives for claimants and British Airways Plc was resolved on confidential terms.
Harris Pogust, PGMBM Chairman, said: “We are very pleased to have come to a resolution on this matter after constructive mediation with British Airways. This represents an extremely positive and timely solution for those affected by the data incident.”
British Airways revealed on 7 September 2018 that there had been a breach of its security systems, leading to over 420,000 customers and staff having their personal data leaked.
This included names, debit and credit card numbers, addresses, and email addresses.
In July 2019, the Information Commissioner’s Office (ICO) issued a notice of its intention to fine British Airways £183million for infringements of the General Data Protection Regulation (GDPR).
However, in October, the ICO revised the fine down to £20million having considered representations from BA and the impact of Covid-19 on the business.
The PGMBM team, led by Legal Director Tony Winterburn and Associate Michael Burke, filed a claim on behalf of those affected in April 2020, and have welcomed the resolution.
The resolution includes the provision for compensation for qualifying claimants who were part of the litigation but does not include any admission of liability by British Airways Plc.
“The Information Commissioner’s Office laid out how BA did not take adequate measures to keep its passengers’ personal and financial information secure,” Harris said.
“However, this did not provide redress to those affected. This settlement now addresses that.”
As well as being the court-appointed lead solicitors in the British Airways’ data breach case, PGMBM is also representing growing numbers of claimants in a case relating to a similar data breach by easyJet, first revealed in May 2020.
The breach saw nine million passengers’ data exposed, including names, email addresses, and travel information.
Harris added: “The pace at which we have been able to resolve this process with British Airways has been particularly encouraging and demonstrates how seriously the legal system is taking mass data incidents." ■