British Airways hack could provoke the wrath of the GDPR
A hack of the airline’s system left hundreds of thousands of passengers’ financial information exposed, and a big fine could follow.
The news: Sometime between August 21 and September 5, more than 380,000 customer transactions on the British Airways website were compromised by hackers. The company began notifying those affected yesterday.
The law of the land: The EU’s newly minted General Data Protection Regulation requires that companies take precautions to protect customer data and notify authorities of any breaches within 72 hours.
The penalty: If it’s determined that British Airways didn’t do enough to protect consumer information, it could be facing a fine of up to 4 percent of its annual revenue (that works out to about 500 million pounds). That is a big “if,” though. Even well-protected companies can be hacked, so the mere fact that the data was compromised doesn’t mean the company is at fault. In the meantime, the company’s CEO has promised to compensate any customers financially affected by the hack.
Why it matters: This timing of this hack isn’t great for British Airways. This is one of the first major data breaches since the new regulations went into effect. Regulators may see this as an opportunity to make an example of the company to show they are serious about enforcing GDPR. As Julian Saunders, founder of Port.im, a British software maker that helps companies comply with GDPR, told Bloomberg, “At some point a line needs to be drawn and this might be the best time to do it.”
Deep Dive
Computing
A chip design that changes everything: 10 Breakthrough Technologies 2023
Computer chip designs are expensive and hard to license. That’s all about to change thanks to the popular open standard known as RISC-V.
Modern data architectures fuel innovation
More diverse data estates require a new strategy—and the infrastructure to support it.
Chinese chips will keep powering your everyday life
The war over advanced semiconductor technology continues, but China will likely take a more important role in manufacturing legacy chips for common devices.
The computer scientist who hunts for costly bugs in crypto code
Programming errors on the blockchain can mean $100 million lost in the blink of an eye. Ronghui Gu and his company CertiK are trying to help.
Stay connected
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.