UKs ICO fines British Airways a record 183M over GDPR breach that leaked data from 500,000 users

The U.K.’s Information Commissioner is starting off the week with a GDPR bang: This morning, it announced that it has fined British Airways and its parent International Airlines Group (IAG) £183.39 million ($230 million) in connection with a data breach that took place last year that affected a whopping 500,000 customers browsing and booking tickets online. In an investigation, the ICO said that it found “that a variety of information was compromised by poor security arrangements at [BA], including log in, payment card, and travel booking details as well name and address information.” The fine — 1.5% of BA’s total revenues for the year that ended December 31, 2018 — is the highest-ever that the ICO has leveled at a company over a …

The Biggest Cybersecurity Crises of 2019 So Far

Six months of 2019 are on the books already, and certainly there have been six months' worth of data breaches, supply chain manipulations, state-backed hacking campaigns, and harbingers of cyberwar to show for it. But the hallmark of 2019, perhaps, is feeling like the worst is yet to come. Ransomware is an ever-growing threat, corporate and US government security is still a mess, and geopolitical tensions are rising worldwide. Before we see what the future holds, though, let's recap some of the major cybersecurity incidents that have cropped up so far this year. US Customs and Border Protection Contractor Perceptics In May, a surveillance contractor for Customs and Border Protection suffered a breach and hackers stole photos of travelers and …

After breach, Stack Overflow says some user data exposed

After disclosing a breach earlier this week, Stack Overflow has confirmed some user data was accessed. In case you missed it, the developer knowledge sharing site confirmed Thursday a breach of its systems last weekend, resulting in unauthorized access to production systems — the front-facing servers that actively power the site. The company gave few details, except that customer data was unaffected by the breach. Now the company said the intrusion on the website began about a week earlier and “a very small number” of users had some data exposed. “The intrusion originated on May 5 when a build deployed to the development tier for stackoverflow.com contained a bug, which allowed an attacker to log in to our development tier …