How British Airways customers can apply for compensation and protect themselves from fraud after airline exposed 400,000 card details

How British Airways customers can apply for compensation and protect themselves from fraud after airline exposed 400,000 card details

SEVERAL hundred thousands British Airways customers had their card details stolen in a data breach last year but they may be eligible for compensation.
Today the Information Commissioner’s Office (ICO) said it plans to fine the airline £183.4million for the data breach.
1 British Airways could be eligible for compensation due to last year’s data breachCredit: PA:Press Association
The penalty comes as a result of the General Data Protection Regulation (GDPR) rules, which came into force last year and aims to make it easier for people to control how companies use their personal details.
The personal and financial details of British Airways customers making bookings between August 21 and September 5 were stolen.
In total, card details of 380,000 customers were said to be leaked by the hackers.
Names, billing addresses and email addresses were also exposed – but BA claimed travel or passport details were not accessed during the breach.
The airline didn’t want to say exactly how many customers were affected and whether everyone had their card details stolen when contacted by The Sun today.
It also didn’t want to say whether customers can expect to be compensated for the breach, yet customers can apply for it anyway.
It’s also important to ensure you’re protected against fraud if your details have been leaked. Below we explain how.
How to apply for compensation
Under GDPR rules, British Airways should’ve told you without delay if there had been a serious risk to your data being exposed, consumer rights expert Martyn James told The Sun.
Of course, it might not have known if you were affected, so if you haven’t heard from them but you’re still worried, get in touch and ask them to investigate.
How to keep yourself safe from hackers and scammersHERE’s how to stay safe online.

Make a ‘strong’ password with 8 or more characters and a combination of upper case characters, numbers and symbols
Don’t do online banking on public WiFi, unless absolutely necessary
Don’t click on dodgy email links claiming to be from banks
Use different passwords for different sites
Never re-use your main email password
Use anti-virus software
Don’t accept Facebook friend requests or LinkedIn invitations from people you don’t know
Think before you put personal info on social media
Find My iPhone, Android Lost and BlackBerry Protect all allow you to remotely wipe a stolen phone. Set this feature up
Only shop online on secure sites
Don’t store your card details on websites
Password protect your phone and other devices

Sadly, if you’ve been defrauded after the BA data breach, you may find it tricky to prove that it’s a direct result of this, as you could’ve had your details stolen elsewhere.
Yet you could ask for compensation for “distress or inconvenience” under GDPR rules, said Martyn.
This can be done in two main ways – either directly to BA by contacting its customer service on 0344 493 0787.
Or you can report it to the Information Commissioner who will investigate whether BA should be held liable, but keep in mind it can’t give you any compensation.
Yet you could use the results of its investigation to support a claim when contacting BA later on, and it may increase your chances for a successful claim.
Either way, you’ll need to show that there has been upset and distress caused by the breach.
The claims procedure can begin once BA has been held responsible by the ICO and the appeal process has ended – the airline has 28 days to appeal today’s decision.
In other words, it might be worth sitting tight to see how the story develops in the next month, Martyn said – but you can collect your evidence in the meantime.
How to protect yourself from fraud
If you’re worried about your data potentially being in the hands of fraudsters, you can take a few simple steps to protect yourself from fraud.
First of all, it’s important to change your passwords and also to not have the same one for every site.
Martyn said: “Fraud is actually low-tech. Fraudsters find one password and username and enter it in to every shop, bank or credit provider to see if they get a hit.”
By having a different password for banking, shopping and bills, for example, you also don’t have to spend ages going through each website if your data is exposed, Martyn added.
As always, it’s also important to regularly keep an eye on your statements to see whether any mysterious transactions appear.
If you spot any purchases you haven’t made yourself, immediately contact your bank to cancel your card.
Or to save yourself the trouble and to be on the safe side, it could be worth cancelling the card you’ve used on the BA website beforehand.
If your data has been exposed, it’s also important to keep an eye on your credit report, said Martyn.
This way you’ll know if lenders conduct credit checks – for example, if crooks try to take out credit cards or loans in your name.
There’s no need to pay for this service – we explain how to check your report for free in the box below.
How do I check my credit report?TWO thirds of Brits have no idea what their credit score is, so it’s worth checking yours.All three credit rating agencies offer you the chance to view your score, report and more for a monthly fee BUT you can get hold of your score for free without paying for a subscription.
Experian – Sign-up to its CreditMatcher service which will give you access to your score. If you want access to your full report you’ll pay £14.99 a month after a 30-day trial period ends.
Equifax – You can get your Equifax report AND score through a website called Clearscore. If you go to Equifax directly you’ll pay £14.95 a month after its 30-day free trial.
Call credit – You can get your report and score for free via its Noddle website, which advertises loans and cards you are likely to be accepted for.
You also have a legal right to access your report from each CRA for just £2 – but this won’t include your score.

MOTHER CLUCKER KFC cuts boneless banquet price to £5 and brings back its trilogy box meal CHILD MINDER Millions of working parents can get £2k a year to cover school holiday clubs TICKED OFF Motorists warned about fake traffic wardens stealing bank cards in new scam OUT OF THIS WORLD Mars will pay you £10.80 an hour to taste chocolate – here’s how to apply NEXT PLEASE Next’s 50% off clothing and homeware sale has landed and prices start at 75p BRITISH SCAREWAYS British Airways fined £183m after 400,000 customers’ card details stolen
Experts claimed in September that Russian hackers were behind the massive British Airways data theft.
Meanwhile, in 2016 TalkTalk was handed a £400,000 fine for failings that allowed cyber hackers to access customer data “with ease”.
Last month, BBC Watchdog also revealed that details of 4,500 TalkTalk customers were leaked online during the hack even though the firm said they were safe.
18 Brits booted off British Airways flight from Israel to Heathrow for ‘threats to blow up plane and anti-Semitic jokes’

We pay for your stories! Do you have a story for The Sun Online Money team? Email us at


Please enter your comment!
Please enter your name here