British Airways (BA) customers affected by two data breaches in 2018 have just one year to claim compensation from the airline.
Hackers stole an estimated 500,000 customers’ personal and payment card details who had purchased flights via the airline’s official website, app and Avios, the airline’s reward scheme.
Affected customers could be due thousands of pounds in compensation as a result of the cyber attack.
‘A sophisticated and malicious attack’
Passenger details, including full name, travel plans, card payment address, email address and card details, including the three digit code (CVV) were all stolen in an attack that BA described as “sophisticated” and “malicious”.
At the time of the breach, British Airways issued a statement promising to reimburse all customers who had incurred losses as a result of the breach.
And now the airline has put in a place a claim deadline of 17 January 2021. Affected customers have been urged to file a claim as soon as possible in order to avoid missing out.
In October 2019 the airline was slapped with a potential fine of £183m by the Information Commissioner’s Office (ICO) for the breach of their security systems.
The penalty was roughly 367 times larger than the previous highest fine for a data breach, a penalty of £500k which was issued to Facebook for their role in the Cambridge Analytica scandal.
How to find out if you’re affected – and what to do next
According to British Airways all affected customers have been contacted and have received apology.
At he time of the incident they released an official statement detailing the incident.
They wrote, “If you believe you may have been affected because you made a booking or paid to change your booking with a credit or debit card on ba.com or the mobile app between 22:58 BST August 21 2018 until 21:45 BST September 5 2018, we recommend you contact your bank or credit card provider and follow their advice.
“We understand that this incident will cause concern and inconvenience. We are contacting all affected customers to say sorry, and we will continue to update them in the coming days.”
As of October 4 2019 it was estimated that just 7,500 of affected customers had come forward to make a claim.
Customers who suffered financial losses can also claim compensation for distress suffered as a result of the data breach.