London (CNN Business) British Airways faces a record $230 million fine after a website failure compromised the personal details of roughly 500,000 customers.

It would be the largest penalty yet under a tough privacy rule known as the General Data Protection Regulation, which came into force last year in the European Union.

The UK Information Commissioner's Office said that weak security allowed user traffic to be diverted from the British Airways website to a fraudulent page starting in June 2018. The regulator said the company will have a chance to contest the proposed fine.

Attackers were able to harvest customer details including log ins, payment cards, and travel booking details, according to the regulator. The airline disclosed the incident in September 2018.

IAG ICAGY The £183.4 million ($230 million) fine is roughly 1.5% of British Airways' annual revenue. The carrier, which is owned by, said it would fight the penalty.

Read More