ICO fines for business data breaches surge in 2021

Byte-size Bulletin by Rachael Brown in Security, News on Sep 13, 2021

In 2021, fines issued by the Information Commissioner’s Office (ICO) surged by 1580%, according to an analysis by international law firm RPC.

The total amount of fines issued came to a record £42 million, originating mainly from two high-profile data breaches that exposed the personal data of millions of people.

These two breaches were:

1. The 2018 breach at British Airways, in which the personal data of 429,612 customers and staff was compromised.

British Airways was fined £20M for this.

2. The 2020 breach at hotel chain Marriott International, in which an estimated 339 million guest records were exposed globally.

Marriott International was fined £18.4M for this.

Richard Breavington, a partner at RPC, commented: “Clearly, the ICO will impose blockbuster fines when it wants large organisations to sit up and take notice.”

Under the General Data Protection Regulation (GDPR), the maximum fine the ICO can issue is £17.5m or 4% of a company’s total worldwide annual turnover, whichever is higher.

Photo by Michael Longmire on Unsplash

 
