Skip to Content
Computing

British Airways hack could provoke the wrath of the GDPR

September 7, 2018

A hack of the airline’s system left hundreds of thousands of passengers’ financial information exposed, and a big fine could follow.

The news: Sometime between August 21 and September 5, more than 380,000 customer transactions on the British Airways website were compromised by hackers. The company began notifying those affected yesterday.

The law of the land: The EU’s newly minted General Data Protection Regulation requires that companies take precautions to protect customer data and notify authorities of any breaches within 72 hours.

The penalty: If it’s determined that British Airways didn’t do enough to protect consumer information, it could be facing a fine of up to 4 percent of its annual revenue (that works out to about 500 million pounds). That is a big “if,” though. Even well-protected companies can be hacked, so the mere fact that the data was compromised doesn’t mean the company is at fault. In the meantime, the company’s CEO has promised to compensate any customers financially affected by the hack.

Why it matters: This timing of this hack isn’t great for British Airways. This is one of the first major data breaches since the new regulations went into effect. Regulators may see this as an opportunity to make an example of the company to show they are serious about enforcing GDPR. As Julian Saunders, founder of Port.im, a British software maker that helps companies comply with GDPR, told Bloomberg, “At some point a line needs to be drawn and this might be the best time to do it.”

Deep Dive

Computing

A chip design that changes everything: 10 Breakthrough Technologies 2023

Computer chip designs are expensive and hard to license. That’s all about to change thanks to the popular open standard known as RISC-V.

Modern data architectures fuel innovation

More diverse data estates require a new strategy—and the infrastructure to support it.

Chinese chips will keep powering your everyday life

The war over advanced semiconductor technology continues, but China will likely take a more important role in manufacturing legacy chips for common devices.

The computer scientist who hunts for costly bugs in crypto code

Programming errors on the blockchain can mean $100 million lost in the blink of an eye. Ronghui Gu and his company CertiK are trying to help.

Stay connected

Illustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.