AI Business is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 3099067.

AI Verticals

UK's data watchdog issued $59 million in fines over data breaches, privacy in 2020

Article ImageBritish Airways, Marriot, and Ticketmaster all penalized for failing to manage customer data

The UK’s Information Commissioner's Office (ICO) issued more than £42 million ($59m) worth of fines in 2020 to companies that breached data protection and privacy regulations.

The numbers were published in the agency’s annual ‘work to recover fines’ report, revealing a catalog of misadventures across a variety of sectors.

You get a fine, and you get a fine

The largest fine of 2020 was issued to British Airways (BA). Last October, the airline was hit with a £20 million ($28m) penalty after personal and financial details of more than 400,000 of its customers were stolen during a cyber attack in 2018.

ICO found that BA had failed to put in place adequate security measures to prevent such an attack, with the airline only discovering the breach two months after it occurred.

Hotel chain Marriott International took the second-largest fine, after a similar cyber attack in 2014 against its Starwood brand led to 339 million guest records stolen. That attack went undetected until 2018, with Marriott only being fined for the breach last October.

Email addresses, unencrypted passport numbers, and phone numbers were among the information obtained during the Marriott incident.

Ticketmaster was fined £1.25 million for a similar breach, which affected up to 40,000 customers.

A total of 17 penalties were issued last year according to official figures, with the likes of DSG Retail, CRDNN Limited, and Cathay Pacific all receiving fines totaling £500,000.

The industry worst affected was marketing, responsible for nine of the 17 fines.

Additionally, there were eight company directors disqualified following ICO enforcement action in 2020.

Trending Stories
All Upcoming Events

Upcoming Webinars

Latest Videos

More videos


More EBooks

Research Reports

More Research Reports
AI Knowledge Hub

Newsletter Sign Up

Sign Up