Hackers had managed to breach BA’s defenses and had stolen customer data, including credit card details, from its app and website.
On Monday, IAG, the owner of British Airways, stated the UK Information Commissioner’s Office (ICO) intends to impose a penalty of $229.8 million (183.4 million pounds) for the theft of customer data from the airline’s website in 2018.
In September 2018, British Airways had disclosed that credit card details of several hundreds of thousands of its customers had been stolen by hackers from its app and website.
The ICO has now indicated that it proposes to impose a penalty of $229.8 million, roughly 1.5% of its global turnover in 2017.
“We are surprised and disappointed in this initial finding from the ICO,” said Alex Cruz, BA’s chairman and chief executive. “British Airways responded quickly to a criminal act to steal customers’ data. We have found no evidence of fraud/fraudulent activity on accounts linked to the theft,”.
According to Willie Walsh, the IAG’s chief executive, BA would be making representations to the ICO in relation to the proposed fine.
“We intend to take all appropriate steps to defend the airline’s position vigorously, including making any necessary appeals,” said Walsh.