British Airways Fined $229 Million for 2018 Data BreachThe fine is the largest ICO has levied against a company, far outweighing the £500,000 Facebook had to pay for the Cambridge Analytica scandal.

The Information Commissioner's Office (ICO), adata securitywatchdog in the U.K., has fined British Airways £183 million (approximately $229 million) for the company's poor security practices that let hackers gather information about the names, email addresses and credit card numbers of 380,000 transactions and affected 500,000 customers.

Thehack, which took place in June 2018, was conducted using the digital equivalent of a credit card skimmer -- injecting scripts that stole sensitive information from online payment forms or through compromised third-party suppliers. Security researchers at RiskIQ, which examined the attack, said that "only 22 lines of script victimized 380,000 people."

The ICOconfirmedthat the airline had cooperated with the investigation and made improvements to its security arrangements, however Alex Cruz, British Airways' chairman and chief executive, said the airline was "surprised and disappointed," according to the英国广播公司.

"British Airways responded quickly to a criminal act to steal customers' data. We have found no evidence of fraud/fraudulent activity on accounts linked to the theft. We apologize to our customers for any inconvenience this event caused." The company still has 28 days to appeal the fine.

In a statement, Information Commissioner Elizabeth Denham said, "People's personal data is just that -- personal. When an organization fails to protect it from loss, damage or theft it is more than an inconvenience. That's why the law is clear -- when you are entrusted with personal data you must look after it. Those that don't will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights."

This is reportedly the biggest fine that the ICO has levied on a company, far outweighing the£500,000 Facebook had to payfor its role in theCambridge Analytica scandal. This is because of theGeneral Data Protection Regulation (GDPR), which replaced the 1998 Data Protection Act and increased the maximum fine to 4 percent of a company's turnover.

英国航空公司(British Airways)的处罚仅为1.5%s 2017 turnover, so it's possible we will see larger punishments given to companies in future. The money British Airways hands over will be divided up between other European data regulators, with the money the ICO receives going directly to the U.K. government.