British Airways could face claims coming to more than £800 million in a group action over its 2018 data breach, according to law firm PGMBM.
The firm says that more than 16,000 individuals affected in the breach have signed up to the claim against BA. With over 420,000 passengers thought to be affected in total, each able to claim £2,000 in compensation, BA will face potential liability of over £800 million.
Lawyers at PGMBM say that the lawsuit is the largest group-action personal data claim ever seen in the UK.
“British Airways passengers feel let down by what transpired,” said Tom Goodhead, Partner at PGMBM. “They are well within their rights to be compensated for what was previously a trusted airline playing fast and loose with their personal information, leaving it vulnerable for nefarious hackers to take advantage of.”
“We trust companies like British Airways with our personal information and they have a duty to all of their customers and the public at large to take every possible step to keep it safe. In this instance, they presided over a monumental failure.”
In September 2018, BA revealed that its website and mobile app had been affected by a large-scale hack. Hackers were able to access a wide range of personal information including customers’ names and home addresses, and potentially compromising financial information such as credit card numbers, expiry dates and CVV codes. Usernames and passwords of BA employee and administrator accounts were also stolen.
[ymal]
In accordance with the EU General Data Protection Regulation (GDPR), which the UK still operates under, BA passengers who have had their information compromised in the breach are entitled to compensation for non-material damage. These passengers now have 64 days left to sign on to the group action lawsuit.