British Airways agrees settlement over 2018 data breach

Carrier faced action from 420,000 customers whose details were compromised

British Airways says it is “pleased” to have settled a legal claim by 420,000 people over a data breach in 2018 and apologised

The breach affected customers as well as BA staff and included names, addresses, and payment-card details.

The value of BA’s settlement remains confidential. It follows a fine of £20 million that was handed out to BA by the Information Commissioner’s Office lat year over the “unacceptable” failure to protect customers.

BA said: “We apologised to customers who may have been affected by this issue and are pleased we’ve been able to settle the group action. When the issue arose we acted promptly to protect and inform our customers.”

Law firm Pogust, Goodhead, Mousinho, Bianchini and Martins said earlier this week that the settlement included compensation for “qualifying claimants who were part of the litigation”, which it claimed earlier this year was the “largest group-action personal-data claim in UK history”, with more than 16,000 affected people involved.

But it remains unclear how many of the 16,000 will receive a payout – or how much BA will end up paying – due to the confidential nature of the settlement.

The ICO’s multi-million-pound fine “did not provide redress to those affected”, PGMBM chairman Harris Pogust said. “This settlement now addresses that.”