GDPR – High Court decision paves way for mass litigation on BA data breach

GDPR – High Court decision paves way for mass litigation on BA data breach

Thousands of British Airways customers have been given the green light to to bring compensation claims against the airline over a data breach, in one of the most significant test cases since the implementation of GDPR in May 18.

Half a million people were left exposed by the cyber attack on BA’s systems last year last year and BA could face a record fine for their “poor security arrangements”.

At a hearing at the High Court in London, Mr Justice Warby granted a group litigation order, paving the way for a mass legal action.

The Breach

Personal details, including payment data and addresses, were compromised by the hack, according to the Information Commissioner’s Office.

Part of the scam involved passengers being diverted to a fake website, through which their details were harvested by the attackers.

The airline informed the ICO and began to contact affected customers when it discovered the breach in September 2018.

The ICO announced in July this year its intention to impose a record fine of more than £183 million on BA over the breach, which is believed to have started in June 2018.

The Claims

There are currently more than 5,000 affected customers being represented by SPG Law and a further 230 represented by Your Lawyers Limited, who are bringing claims for compensation.

But the potential number of claimants is much larger and the judge granted a window of 15 months from the hearing on Friday for people to join the group litigation.

Alan Johal, director of Your Lawyers, said: “Today’s grant of a group litigation order is a key step towards justice for the hundreds of thousands of victims of the British Airways data breach scandal.”


Credit to the Evening Standard for the original article;