Kate Bevan, Which? Computing editor, said:
“It’s good to see the Information Commissioner sending a clear message to companies that it is unacceptable to play fast and loose with people’s personal data. However, our research suggests British Airways still has serious vulnerabilities on its websites that are leaving customers potentially exposed to opportunistic cybercriminals.
“Some customers will also be frustrated if they’ve suffered financially and emotionally from this data breach and had no redress. The government should provide a much clearer route by allowing for an opt-out collective redress regime that deals with mass data breaches.”
Notes to editors