Law firm seeking leak victims to launch £500m suit at British Airways

Prosecutors rub their hands with glee

By John Leyden


British Airways faces a £500m lawsuit over its recent mega-breach that exposed payment card details of 380,000 customers.

The airliner last week apologised and offered to compensate customers for any direct financial loss for the attack that took place between 21 August and 5 September via its website and app.

However, an group-action suit* led by SPG Law contends BA has not gone far enough and should be paying travellers for the "compensation for inconvenience, distress and annoyance associated with the data leak".

The action points to compensation rights in the European General Data Protection Regulation, which came into effect in May.

SPG Law, the Brit limb of US firm Sanders Phillips Grossman, set up a dedicated micro-site to get victims to sign up to the case.

The firm, which cynics might dismiss as an ambulance chaser, is recruiting participants on a "no win, no fee" basis. It has suggested its offer is the best and most straightforward way passengers might be able to secure up to £1,500 compensation.

SPG Law said it would cap its fees at a maximum of 35 per cent including VAT.

If the case goes to court, SPG Law acknowledged the possibility that the airline may win and might even be awarded legal costs.

"In the event that it is necessary to litigate, we will arrange insurance on behalf of all Claimants who sign up with us," it said. "This will protect you against having to pay BA's costs in the unlikely event that the claim is lost."

British Airways is yet to respond to a request for comment from The Register. ®


*A group-action lawsuit is the English law equivalent of a class-action lawsuit. SPG Law is also "campaigning" to mount a group-action lawsuit over the VW emissions scandal on behalf of affected drivers. The firm is acting just days after the breach was disclosed and before the dust has settled and the facts are known.

Sign up to our NewsletterGet IT in your inbox daily


More from The Register

UK privacy watchdog threatens British Airways with 747-sized fine for massive personal data blurt

Half a million records lost? £183m GDPR fine lined up

'World's favorite airline' favorite among hackers: British Airways site, app hacked for two weeks

380,000 payment cards, personal info slurped by crooks

British Airways: If you're feeling left out of our 380,000 passenger hack, then you may be one of another 185,000 victims

Names, billing addresses, email addresses, card info, CVV numbers in some case...

Revealed: British Airways was in talks with IBM on outsourcing security just before hack

Exclusive El Reg leaked memo sent weeks before crooks swiped payment cards

British Airways hack: Infosec experts finger third-party scripts on payment pages

Airline yet to reveal breach's cause

Buffer overflow flaw in British Airways in-flight entertainment systems will affect other airlines, but why try it in the air?

Researcher's stumbling on bug was risky to say the least

Generally Disclosing Pretty Rapidly: GDPR strapped a jet engine on hacked British Airways

Analysis Suddenly, corps in a rush to fess up to e-break-ins

British Airways' latest Total Inability To Support Upwardness of Planes* caused by Amadeus system outage

Exclusive Stuck on the ground awaiting a load sheet? Here's why

Card-stealing code that pwned British Airways, Ticketmaster pops up on more sites via hacked JS

Feedify's whack-a-mole with MageCart malware miscreants

Another day, another British Airways systems screwup causes chaos

Flying from London? Add a few hours on for good measure