ABTA web hack may have affected 43,000 users

Consumer
Thursday 16 March 2017 at 11:04am

'Personal identity information' may have been accessed. Credit: ABTA/PA

A cyber attack on the website of travel trade organisation ABTA may have affected around 43,000 individuals, the company said today.

The organisation said around 1,000 files which may include "personal identity information" of holidaymakers who had made complaints about ABTA members could have been involved in the hack.

ABTA is the UK's largest travel association, representing travel agents and tour operators.

The company said it was hacked through a server managed by a third party, adding that data provided by some customers of ABTA Members - travel companies which ABTA represents - and by ABTA Members themselves, may also have been accessed.

The hack occurred on February 27 and it is thought passwords used to get log into ABTA's website may have been accessed.

Chris Choi: ABTA takes more than a fortnight to alert customers of data breach

The company also said complaints about ABTA Members and to documents uploaded to ABTA's website in support of memberships, may also have been compromised.

ABTA said they were "not aware of any information being shared beyond the infiltrator" and are "actively monitoring the situation".

The police and Information Commissioner have been alerted to the incident.

Anyone who may has had their information stolen will be contacted on Wednesday.

Mark Tanzer, ABTA CEO, offered a "personal apology for the anxiety and concern that this incident may cause".

He continued: "It is extremely disappointing that our web server, managed for ABTA through a third party web developer and hosting company, was compromised, and we are taking every step we can to help those affected.

"I will personally be working with the team to look at what we can learn from this situation."

The hack took place on February 27. Credit: PA

What to do if you're registered to ABTA

If you are registered on abta.com then the advice is to change your password and, if you use this password or any variation of it for other accounts, change those too.

If you have uploaded documents on abta.com in relation to a complaint about an ABTA member since January 11, 2017, this documentation may have been accessed. If you provided contact details to register a complaint about an ABTA member, this data may also have been accessed.

You should remain vigilant regarding online and identity fraud: actively monitor your bank accounts and any social media and email accounts you may have.

ABTA is making a free identity theft protection service available to members who may have been affected.

ABTA has contacted every member of the public who it believes has the potential to have been affected with guidance information, including contact details for a dedicated helpline to assist with any further questions.