陈斯红✝️轉發 陳斯紅✝️轉發 BA Faces £183 Million GDPR Fine for 2018 Data Breach LegalHelpers 今天 The UK Information Commissioners Office (ICO), the General Data Protection Regulation(GDPR) supervisory authority, has issued the largest GDPR penalty to date to British Airways. British Airways can appeal, but as it stands the ICO will fine the airline £183.39 million for security failures that were exploited in a 2018 cyberattack on its website. The fine surpasses the previous record of £500,000 issued to Facebook over the Cambridge Analytica scandal. For British Airways however, its breach occurred after May 25, 2018 – The effective date of the EU’s GDPR. GDPR updated a previous EU directive and in addition to introducing a slew of new privacy and security regulations, the penalties for privacy and data security failures were substantially increased. The maximum penalty for a serious GDPR violation is now €20 million or 4% of global annual turnover, whichever is higher. The £183 million penalty corresponds to 1.5% of British Airways’ global annual turnover for 2017. The maximum penalty would have been close to £500 million if its holding company, International Airlines Group (IAG), was found to be involved. The global annual turnover for IAG in 2017 was €2.27 billion. Under GDPR, entities that experience a breach involving the data of EU citizens must report the breach within 72 hours of discovery. British Airways announced its breach and reported the incident to ICO on September 6, 2018, one day after the breach was discovered. The subsequent ICO investigation uncovered security failures that were exploited by hackers to gain access to British Airways’ website. Code was inserted which redirected visitors to a fraudulent website where personal information and credit/debit card details were stolen. According to ICO, the personal and financial information of around 500,000 customers was stolen. ICO said the breach occurred some time in June 2018 and continued until September 5. The fine was not issued for the breach itself. ICO has said the fine reflects the seriousness of the security failures that opened the door to the hackers. The ICO has only issued a ‘Notice of Intent’ to fine British Airways. British Airways now has 28 days in which to launch an appeal. “We intend to take all appropriate steps to defend the airline’s position vigorously, including making any necessary appeals,” said Willie Walsh, chief executive of International Airlines Group. Posted By HIPAA Journal on Jul 9, 2019 —- READ MORE —- Key Changes: All You Need to Know about GDPR China Issues Rules on Prohibition of Abuse of Market Dominance Top 10 HR Issues in US Special Disclosure Requirements for TMT IPO in HK China expands Shanghai FTZ for further opening-up, globalization

陈斯红✝️轉發

陳斯紅✝️轉發

 

BA Faces £183 Million GDPR Fine for 2018 Data Breach

LegalHelpers 今天