Jul 10, 2019
Companies Fined Millions After Data Breach
Two companies are facing massive fines from the Information Commissioner's Office (ICO).
The British Airways penalty is in relation to a 2018 breach when users were directed to a fraudulent site which obtained the personal information of around 500,000 people. The airline initially disclosed the incident in September 2018 and said that around 380,000 transactions were affected. According to reports, poor cybersecurity arrangements at British Airways was responsible for the leak of personal information such as credit card numbers, names, and email addresses.
General Data Protection Regulation
Penalties for breaches like this have only increased under the General Data Protection Regulation. GDPR was enacted to give consumers more control and insight into their personal data and will require companies to ensure they are following safety procedures to collect, process, and store data.
International Data Privacy Laws
Similarly, some states and countries are passing data privacy laws and regulations to protect personal data and hold companies accountable. Recently, California passed the California Data Protection Regulation law which regulates how companies store data and will require them to disclose the types of data stored.