Your questions answered

Inadequate systems and processes resulted in cybercriminals accessing the financial and personal data of 400,000 British Airways customers. When investigating this privacy violation, a further data breach was uncovered.On this occasion, 77,000 reward bookings customers had their personal and payment information stolen.

Customers who booked flights online or via the app between 21 April 2018 and 28 July 2018 and/or 21 August 2018 and 5 September 2018 (using a debit or credit card) can make a British Airways data breach claim. Those customers who are involved in the rewards bookings data breach can also join our action.

British Airways has emailed everyone affected by the data breach. If you do not have that email, you might still be affected as the email could have gone into your spam folder and subsequently been deleted. If you booked flights online or via the British Airways app between 21 April 2018 and 28 July 2018 and/or 21 August 2018 and 5 September 2018 using a debit or credit card you could be affected by this breach.

If you suspect that you are involved in this breach, but have not been contacted by BA, you can ask the airline if you were put at risk. This is called making a data subject access request (D/SAR).

The ICO has a template you can use to make a SAR.

• Evidence that you purchased tickets from BA during the data breach periods.
• Confirmation from BA that you are involved in this breach.
• Evidence that the card you used to purchase the tickets has been used fraudulently (or has attempted to be used).
• Evidence that you needed to cancel the card you used to purchase the tickets.
• Evidence of any distress experienced because of this breach.

You do not need all this evidence to make a claim, but please gather as much as possible.

Unfortunately yes. Cybercriminals have used the information stolen to further harm against those affected by the breach.

British Airways has been fined £20 million for a huge data breach. But the money from this fine will not be used to compensate victims. To get justice, you can make a no-win, no-fee compensation claim.

BA was the victim of cybercriminals. But the British Airways data breach would not have happened if the airline had implemented robust security processes.. So, BA is responsible.

We cannot say for sure, but according to various media reports, British Airways has shown willingness to settle these claims and avoid Court

While there is no guarantee, British Airways has shown willingness to settle these data breach claims and avoid Court.

Looking at similar cases, compensation of around £2,000 per person seems likely.

A BA pay-out is imminent. Time is running out you MUST register by JUNE 2021.