BA Data Breach Victims Granted Extension to File Claims

Victims of the two British Airways (BA) data breaches in 2018 have been granted an additional two months to file a compensation claim after the Group Litigation Order (GLO) window was extended.

The claims relate to two breaches recorded back in 2018: between August and September 2018, it was revealed that 380,000 transactions were compromised and later, 185,000 customers were notified that their personal and financial details were exposed between April and July 2018. Data compromised included payment card information, such as card numbers, expiry dates, and (in tens of thousands of cases) the CVV security code, as well as customer names, billing addresses and email addresses.

Evidence has been given by the defendant’s solicitor at the GLO application hearing that the total number of unique payment cards that may have been affected is 429,420.

Last month, Consumer action law firm Your Lawyers, which is leading the action, reported that the UK-based airline is planning to begin settlement discussions that could lead to a compensation pay-out of up to £3bn. However, BA responded with a statement continuing to deny liability and setting out their intention to fight the litigation.

The original deadline to join the GLO was April 3, but this has now been moved to June 3 2021. Beyond that date, affected customers will no longer be able to automatically join this group litigation.

The extension has been granted to allow new claimants to prepare their cases following a huge surge in sign-ups recently.

Your Lawyers has estimated that the average compensation award for each claimant could be around £6000, ranging from £500 to £15,000. This would leave BA with a total bill of up to £2.4bn.

Aman Johal, director at Your Lawyers, commented: “With affected customers given an additional two months to join the GLO, they should act without delay.

“It is concerning that BA continues to defend the litigation despite the fact their legal representatives have written to the court to express their intentions to enter into settlement negotiations. The impact and, therefore, the value of claims arising from this breach cannot be understated. Victims can suffer considerable distress when personal and sensitive information is exposed and they are at risk of being targeted for fraud and theft. It is a serious issue, and many of the thousands of clients that we represent have suffered severe consequences after a breach event. Many have fallen victim to fraud and have been forced to change how they use services forever.

“It is time for the airline to publicly acknowledge what they must privately accept – that they are liable and will have to pay compensation.”

What’s Hot on Infosecurity Magazine?