There was a recent attack on ABTA, United Kingdom’s largest travel association website which affected around 43,000 people including 1000 holiday makers private details.
ABTA (Association Of British Travel Agents) claim that the hackers got in to their web servers hosting the organization’s website and stole data from their customers, members and tour operators
The Chief executive of ABTA, Mark Tanzer said that “I would personally like to apologize for the concern and anxiety this hacking incident may have caused our customers of ABTA as well as the ABTA members who were affected”
He further added that” It is extremely disappointing that our web server, managed for ABTA through a third party web developer and hosting company was compromised and put through such a risk”. Mark Tanzer added that they are taking every step they can to help and fix those who were affected through this hacking.
Tanzer claims that ABTA are still not aware if the hackers are planning on distributing the stolen data to others but they have warned their customers and ABTA members to remain cautious. They are also contacting the people who have been compromised and are providing them with information and guidance to keep them safe from online fraud as well as identity theft.
ABTA has alerted the data watchdog, the police and the information commissioner to remain alert on this matter. Once ABTA became aware of this intrusion they alerted the third-party suppliers of the ABTA website to help fix this vulnerability. The association asked the ABTA members as well as the members who are registered on the website of abta.com to change their passwords immediately and have asked them to remain vigilant.
The vice president at the security firm of Avecto, Andrew Avanessian said that, “Although the risk of fraud following this attack is minimal as passwords were encrypted, this appears to be another preventable breach. Cyber security is simple if you focus on getting the foundations right, and in this case, not for the first time; it was a third party that fell short.
It is very important for all organizations to focus on their relation with the third parties when they form cyber-security strategies and also make sure that every end point in their security chain is secure. Hacking can take place from a single device and small loophole in cyber-security strategies and puts a great risk on personal information of many people.