British Airways faces a fine of £183m for this breach in which customers’ credit card data was stolen. Alex Cruz (BA chairman and chief executive), said he was “surprised and disappointed” by the fine. However no evidence had been found of any fraudulent activity on accounts linked to the theft. The proposed penalty is representing 1.5 per cent of BA’s worldwide revenue in 2017. The proposed penalty for British Airways is equivalent to just over £4 for each passenger expected to fly on BA this year. Cybercriminals stole personal and financial information from hundreds of thousands of customers who booked direct with the airline. Details of payment cards, including the number, expiry date and three-digit security code or “card verification value” (CVV) were illegally extracted from the reservations system.
The airline also said it would indemnify customers who suffered financial harm. The airline has four weeks to appeal. We intend to take all appropriate steps to defend the airline’s position vigorously, including making any necessary appeals,” they said.