British Airways Pays Compensations to Victims of a Massive Data Breach

The British airline carrier agrees to pay the compensation but disagrees to the admission of liability

In response to a data breach that exposed the personal information of more than 420,000 customers, British Airways (BA) has reached an out-of-court settlement with victims, according to IT Pro. 

The agreement with PGMBM, the company that had led the mediation between British Airways and the victims calls for the carrier to pay undisclosed amounts to victims of the class action. According to the UK's flag carrier airline, the law company filing the claim on behalf of the people affected would not be admitting blame in the case.

In early September 2018, British Airways reported that its security systems had been attacked, exposing the personal data of around 420,000 customers and employees. Leaked data included full names, email addresses, addresses, and credit or debit card numbers.

British Airways expected a £500 million fine

British Airways was initially hit with a record-breaking ICO GDPR fine of £183 million, that was later reduced to £20 million after a public outcry. This is a 25-fold reduction from the original forecast £500m penalty expected based on 4% of the company's global turnover in 2017.

Harris Pogust, chairman at PGMBM said that the settlement “represents an extremely positive and timely solution for those affected by the data incident” [...] “We are very pleased to have come to a resolution on this matter after constructive mediation with British Airways,”.

PGMBM was also appointed to act on behalf of victims of the EasyJet data breach last year, that exposed the personal data of nine million consumers, with a total of 2,208 victims having their credit card details exposed. Simply put, PGMBM has filed an £18 billion class action in in the High Court in London and expects each customer affected by the security breach to receive £2,000.