Event planners react to British Airways £183m fine

Huge penalty imposed for data hack described as 'severe but probably the right thing to do' by event agency CEO.

British Airways is facing a fine of £183 million for a breach of its security systems in September last year that saw the personal data of half a million customers stolen. 

A statement by the Information Commissioner’s Office (ICO) said the incident "involved user traffic to the British Airways website being diverted to a fraudulent site. Through this false site, customer details were harvested by the attackers."

A fine of £500,000 was imposed on Facebook last year for the Cambridge Analytica scandal but that occurred before new GDPR regulations came into effect in May 2018.

"The penalty is severe, but equally it was the right thing to do as this was a significant data breach," said Stephen Morton Prior, CEO of Clearwater Events. 

"There are many companies where data breaches have taken place and the companies, have dusted themselves off, learned from their mistakes and added protocol to ensure it doesn’t happen again.

"We all do everything we can to avoid hacks, but hackers are incredibly sophisticated. Only the other day, we received a new enquiry for an event which turned out to be a scam."

Mike Martin, co-founder and managing director of Paragon, also said he thought the fine was "probably justified" but that BA would learn from its mistake.

"This was a highly specialised, targeted attack, and – as far as I’ve read - British Airways followed all the correct procedures once the breach had been identified," said Martin.

"If anything I would assume that this has been a big wake up call for British Airways, the aerospace industry and global corporations in general, which can only make cybersecurity stronger moving forward."

A statement from British Airways chair and chief executive Alex Cruz said the company was "surprised and disappointed" in the findings. 

"British Airways responded quickly to a criminal act to steal customers’ data. We have found no evidence of fraud/fraudulent activity on accounts linked to the theft. We apologise to our customers for any inconvenience this event caused."

The ICO also said British Airways had cooperated with its investigation, made improvements to its security arrangements and would have the "opportunity to make representations to the ICO as to the proposed findings and sanction."

IT and data protection specialist lawyer Susan Hall, partner at Clarke Willmott LLP, said:  "Businesses will be reeling at the ICO's notice of intention to hand BA a record fine of £183m for being in breach of GDPR," said Susan. "It shows everyone can fail.

"If a business the size of BA can be found wanting, smaller companies should be asking themselves whether their data security arrangements are up to scratch.

For more features and breaking news sign up to C&IT Magazine's daily Newstracker.

Have you registered with us yet?

Register now to enjoy more articles
and free email bulletins.

Register now
Already registered?
Sign in
Gray Dawes Group acquires Amber Road Travel

Gray Dawes Group acquires Amber Road Travel

Travel management specialist boosts its presence in the north of England and will exceed £200m turnover.

'Clients have to understand our turnaround times'

'Clients have to understand our turnaround times'

Laura Law, conference director at Venues & Events International, argues that agencies need sufficient time to get under a brief's skin.

28% of event professionals have taken time off for mental health issues, finds survey

28% of event professionals have taken time off for mental health issues, finds survey

Research by Stress Matters discovers that many are still experiencing anxiety and a blame culture at work, despite more wellbeing initiatives.

Why we must 'reshape the conversation' around gender equality

Why we must 'reshape the conversation' around gender equality

Event professionals at IMEX America discussed mentoring and how to get everyone involved in debates about equality at work.

Ruby Hotels' first UK property to open in Southbank in 2020

Ruby Hotels' first UK property to open in Southbank in 2020

The carnival-themed Ruby Lucy will bring 'lean luxury' to London in January and have a Marshall guitar amp in every room.

Five ways ICC Belfast and the wider city is mastering sustainability.

In pictures: 10 ideas for events in Scotland

In pictures: 10 ideas for events in Scotland

Luxurious castle hotels, modern event complexes and the real Hogwarts Express make Scotland a top MICE destination.

How to protect your events from destination boycotts

How to protect your events from destination boycotts

Panel of experts at IMEX America offer five contingency tips for event organisers planning global meetings in volatile times.

Freeman gets new EMEA leadership

Freeman gets new EMEA leadership

Brand experience agency appoints new managing director to be based in its London office.

5 trends shaping the future of business events

5 trends shaping the future of business events

What do delegates want from their events? Top tips from IMEX America for the future-focused planner.

LATEST JOBS