I wonder what the GDPR situation with a breach before the go-live date but disclosure wwwellllll delayed until after. It's delayed disclosure that brings the biggest fines.
"We want to reassure our passengers that we took and continue to take measures to enhance our IT security,"
And why did el Reg publish this without challenging it.