15 January 2021

Over 16,000 people are seeking compensation from British Airways (BA) over a data breach three-years-ago, according to lawyers acting for the victims.

In September 2018, the UK’s flag carrier admitted that the personal details of 420,000 customers – including names, debit and credit card numbers, addresses and email addresses – had been stolen.

Law firm PGMBM has since announced that a record number of customers have signed up for the action – the largest opt-in group action for a data breach in UK history. Lawyers estimate that each claimant could be in line for £2,000 in compensation, putting BA’s overall potential liability at around £800m.

“British Airways passengers feel let down by what transpired,” said PGMBM partner, Tom Goodhead. “They are well within their rights to be compensated for what was previously a trusted airline playing fast and loose with their personal information, leaving it vulnerable for nefarious hackers to take advantage of. “We trust companies like British Airways with our personal information and they have a duty to all of their customers and the public at large to take every possible step to keep it safe. In this instance, they presided over a monumental failure.”

Having initially fined the carrier £183m, the Information Commissioner’s Office (ICO) reduced the charge to £20m in October 2020 due to the impact of coronavirus on the airline’s finances.