British Airways was hacked in 2018, and more than 420,000 passengers and employees had their personal information and credit card data stolen.
The Information Commissioner’s Office in the UK on behalf of all EU/EEA member states intended to fine the airline £183M that was lowered to a mere £20M due to the Covid-19’s effect on BA’s business and balance sheet.
You can access the site to get your claim in here.
Note that you must claim by March 19, 2021, to be part of the class.
Here’s a copy of the email that British Airways sent in October 2018:
Here’s the release from the law firm representing victims:
British Airways privacy claim becomes biggest of its kind in the UK – over 16,000 victims sign up to legal action against airline over data breach
Over 420,000 British Airways customers affected by massive 2018 data breach
Law firm PGMBM are the lead solicitors in the group litigation case against airline over ‘monumental failure’
Victim compensation estimated to be up to £2,000 each – potential BA liability of over £800million
Consumer claim deadline on 19 March 2021
LONDON: The legal case against British Airways over its 2018 customer data breach has become the largest group-action personal data claim in UK history, as over 16,000 victims seek compensation from the airline.
British Airways revealed on 7 September 2018 that there had been a breach of its security systems, leading to over 420,000 customers and staff having their personal data leaked, including names, debit and credit card numbers, addresses and email addresses.
Law firm PGMBM are the lead solicitors in the group litigation case against British Airways on behalf of victims, and have revealed that over 16,000 potential victims and counting have so far signed up to join what is now the largest group-action personal data claim in UK history, ahead of the 19 March deadline, at the dedicated website badatabreach.com.
They expect that victim compensation could be up to £2,000, putting BA’s overall potential liability at around £800million.
Tom Goodhead, Partner at PGMBM, said: “British Airways passengers feel let down by what transpired. They are well within their rights to be compensated for what was previously a trusted airline playing fast and loose with their personal information, leaving it vulnerable for nefarious hackers to take advantage of.
“We trust companies like British Airways with our personal information and they have a duty to all of their customers and the public at large to take every possible step to keep it safe. In this instance, they presided over a monumental failure.”
In July 2019, the Information Commissioner’s Office issued a notice of its intention to fine British Airways £183million for infringements of the General Data Protection Regulation (GDPR). However, in October the ICO revised the fine down to £20million, having considered representations from BA and the impact of Covid-19 on the business.
Goodhead welcomed the ICO decision to reduce the fine levied against British Airways but says that now is the time for the victims to be compensated.
Goodhead said: “Unfortunately Covid-19 has taken a toll on the airline industry and the move by the ICO to reduce BA’s fine was a sensible one. However, the ICO fine does not cover any compensation for victims of the breach.
“But the ICO set forth in no uncertain terms that BA failed to take adequate measures to keep the vital personal and financial information of its passengers secure. It’s yet another instance of a massive corporate entity showing complete disregard for their customers, and those customers deserve some redress.”
The data breach saw hackers access personal information including names, addresses, payment card numbers and CVV numbers of BA customers, as well as usernames and passwords of BA employee and administrator accounts.
Under the EU General Data Protection Regulation (EU-GDPR), British Airways customers who have had their personal information compromised by this breach have a right to compensation for non-material damage – inconvenience, distress, annoyance and loss of control of their personal data.
How do I know if I am a victim?
Affected British Airways passengers received an email from the airline in 2018 notifying them that their data had been compromised. The email is likely to have had the subject line, ‘Criminal Theft of Customer Data, more information’.
Passengers may have to check their junk or spam email folders to find the email, as well as their relevant British Airways booking reference. If a passenger cannot find the email but are sure they received it, they can still get in touch with PGMBM to sign a statement of truth.
All affected customers from around the world can join the claim on a no-win, no-fee basis, whether the exposure of their personal data has led to significant ill effects or not, via badatabreach.com.
PGMBM are a specialist in international group litigation and are the court-appointed lead solicitors in the group litigation surrounding British Airways’ data breaches. Goodhead has highlighted that while BA deny liability, it is important to maintain progress on the fight for the victims.
Goodhead said: “At the Case Management Conference in November 2020, British Airways informed the High Court that it was open to the possibility of entering into settlement discussions with the Claimants.
“We have not yet received any settlement proposals from BA and, until such time as any are received, we will continue to progress the litigation, including at the upcoming Costs and Case Management Conference in the High Court in February.”
Here are our previous pieces on this topic for more in-depth information:
I was part of the previous FUEL SURCHARGE class action and for 12,500 Avios!
I doubt that all class members would get 2,000 GBP compensation, but I truly believe that it is time to send these businesses a message that they cannot leave their front door open, as BA did here, allowing all of our data stolen without any consequences.
An American Express that I used to pay for BA flight purchases was comprised in early 2020 when I was traveling. It is always a huge hassle to deal with fraudulent charges and replacing cards when you are on the road.
I encourage all eligible class members to get their claims in. Once this is all said and done, the payment to you is likely a lot less than the “potential” 2,000 GBP that the law firm pushes. I would expect it to be in the low hundreds.
There is no love lost between this Gold Guest List (GGL) member and BA. This is purely a business relationship as it should.