E-Paper | May 23, 2026

British Airways fined £183m over computer theft of passenger data

AFP Published July 8, 2019
Fine is equivalent to 1.5 per cent of British Airways' turnover in 2017. — AFP/File
Fine is equivalent to 1.5 per cent of British Airways' turnover in 2017. — AFP/File
comments
Whatsapp Channel
Add Dawn as a trusted source
Google Preferred Source

British Airways has been fined more than £183 million after computer hackers last year stole bank details from hundreds of thousands of passengers, its parent group IAG said on Monday.

In a statement, IAG said the United Kingdom Information Commissioner's Office intends to issue the airline with a penalty notice under the UK Data Protection Act, totalling £183.39m.

The fine is equivalent to 1.5 per cent of British Airways' turnover in 2017, IAG added.

IAG chief executive Willie Walsh said it would consider appealing the fine as it seeks “to take all appropriate steps to defend the airline's position vigorously”.

British Airways's Chief Executive Officer Alex Cruz said the airline was “surprised and disappointed” by the punishment.

“British Airways responded quickly to a criminal act to steal customers' data,” he said in the statement.

“We have found no evidence of fraud/fraudulent activity on accounts linked to the theft. We apologise to our customers for any inconvenience this event caused,” Cruz added.

BA had revealed the hack in September, just a few months after the European Union tightened data protection laws with the so-called General Data Protection Regulation (GDPR).

The stolen data comprised customer names, postal addresses, email addresses and credit card information.

However, the 15-day breach, which was fixed on discovery, did not involve travel or passport details.

Following disclosure of the hack, BA promised to compensate affected customers and took out full-page adverts in the UK newspapers to apologise to passengers.

It had meanwhile described the mass theft as “a very sophisticated, malicious, criminal attack on our website”.

IAG is the owner of five airlines, including also Aer Lingus, Iberia, Level and Vueling, none of which were affected by the hack.

GDPR establishes the key principle that individuals must explicitly grant permission for their data to be used.

The case for the new rules had been boosted by a scandal over the harvesting of Facebook users' data by Cambridge Analytica, a US-British political research firm, for the 2016 US presidential election.

Follow Dawn Business on X, LinkedIn, Instagram and Facebook for insights on business, finance and tech from Pakistan and across the world.
Our readers are at the heart of everything we do.
Do you have a thought to share or a way we can improve? We’d love to hear it. Reach out to us at feedback@dawn.com.
World

Read more

Arshad
Jul 08, 2019 01:13pm
This data will more likely end up in Indian call centers.
Recommend 0
Abbas shah
Jul 08, 2019 01:19pm
Dark sides of latest technology s.Better reverse to old one’s .
Recommend 0
Telephone Man
Jul 08, 2019 01:48pm
British Airways's Chief Executive Officer Alex Cruz said the airline was “surprised and disappointed” by the punishment. He was surprised. As CEO he did not do his job. He was not on top of things.
Recommend 0
Dr. Salaria, Aamir Ahmad
Jul 08, 2019 02:03pm
Too little, too late.
Recommend 0
Gordon D. Walker
Jul 08, 2019 02:50pm
If your information is on a computer, your information is vulnerable... Gordon D. Walker Canada
Recommend 0
Khurram
Jul 08, 2019 04:53pm
@Gordon D. Walker, Yes. Let’s use pen and paper.
Recommend 0
hanifsmile
Jul 08, 2019 07:41pm
Fine??, these fines are the way for government to make money, passenger data has been stolen and Government will get money, not the passengers. This happens to all the fines. Mortgage fraud by Chase Bank got fined billions, I was the victim, but government got the money I didn't get a single penny.
Recommend 0
Laila
Jul 09, 2019 05:50am
@Gordon D. Walker, Anything digital from pc, laptops, smartphones, smart watches, etc and everything that has gprs tracking, wifi access, you can consider yourself tracked and identified 24/7. No privacy.
Recommend 0
Laila
Jul 09, 2019 05:52am
@Khurram , That's not what he is saying. You should watch some of the documentaries made on how vulnerable we and our personal information have become in the his digital and internet age. How we are monitored, tracked and losing control. There a free serious risks. Also watch the Edward Snowdon movie and listen to his interviews. Who knows you might learn a few things.
Recommend 0

Most Popular

01
02
03
04
05
06
07
08
09

Latest Stories

Opinion

Editorial

Hardening lines
Updated 22 May, 2026

Hardening lines

Iranian suspicions about Pakistan’s close ties with Washington and Gulf states persist, while Pakistan remains uneasy over Tehran’s growing engagement with India.
Unliveable city
22 May, 2026

Unliveable city

IN Karachi, when it comes to water, it is every man and woman for themselves. A persistent shortage in available...
Glof alert
22 May, 2026

Glof alert

FOR many communities in northern Pakistan, the sound of heavy rain now carries a different meaning. It is no longer...
External woes
Updated 21 May, 2026

External woes

Relying indefinitely on remittances to offset structural economic weaknesses is not sustainable.
Political activity
21 May, 2026

Political activity

THE opposition is astir. There is talk of widespread protests this Friday over a list of dissatisfactions with the...
Seizing hope
21 May, 2026

Seizing hope

ISRAEL’S tyranny knows no bounds. After intercepting the Global Sumud Flotilla that set sail last week, disturbing...
Dawn News English Podcasts
Subscribe