British Airways agrees to settle with victims of 2018 data breach
British Airways has agreed to settle with customers and staff who were affected by a 2018 data breach that led to personal information being leaked to a third party.
The court-appointed lead solicitors said on Tuesday that BA had agreed to settle the case with customers and staff who were affected, though it doesn't include any admission of liability by BA. Those part of the group action lawsuit will receive an undisclosed amount, as reported by Reuters.
Sign up to receive the daily TPG newsletter for more travel news!
In 2018, British Airways unveiled that the personal data of 420,000 staff and customers was leaked to a third party. Those affected had their email address, postal address, credit card number, expiration date, CVV, travel booking and login information compromised between June and early September 2018.
Those who were affected were informed by British Airways in 2018.
It's not clear how much Tuesday's settlement is worth. However, if the Information Commissioner's Office (ICO) is any indication, it proposed a fine of £183 million in 2019. That amount was later reduced to £20 million and paid out to European data authorities and Her Majesty's Treasury.
Related: How to protect yourself against reward programme data breaches
"We are deeply sorry for the disruption that this criminal activity has caused," British Airways then-CEO Alex Cruz said in a statement at the time of the breach. "We take the protection of our customers' data very seriously."
In an emailed statement to Reuters on Tuesday, the airline said that it was pleased to settle the group action suit.
If you were affected by the 2018 breach, you should have already heard from British Airways at the time of the incident. If you were part of the group action suit, you should be receiving an undisclosed amount of money from the airline.