After all the data breaches at various organizations, a holiday camp company has now featured as the next victim of cyber attack. Reportedly, Butlin’s suffered a data breach this week through a phishing attack. Butlin’s is a UK-based chain of holiday camps providing affordable holiday solutions.
Butlin’s Suffered Data Breach After Phishing Attack
On August 9, 2018, Butlin’s published a detailed notice on their website informing visitors about malicious activity that has occurred. Allegedly, Butlin’s suffered a data breach this week after becoming a victim of a phishing attack.
“We have discovered there has been an attempt to access some of our guest data by an un-authorised 3rd party. It was the result of a phishing attack via an unauthorised email.”
They suspect the unknown attackers might have accessed the details of around 34,000 Butlin’s customers.
Explaining the breached data, the company states,
“The data which may have been accessed includes booking reference numbers, lead guest names, holiday arrival dates, postal and email addresses and telephone numbers.”
Company Follows GDPR Requirements
After noticing the incident, Butlin’s began informing their customers about the data breach as per EU GDPR rules. They have also begun investigations and have reported the matter to concerned authorities.
“We have reported this incident to the Information Commissioners Office and are putting more measures in place to reduce the risk of something like this happening again.”
Butlins have assured that customer payment details remain safe since the incident.
“We would like to assure all our guests that their payment details are secure and have not been compromised. Guest usernames and passwords are also secure.”
Butlin’s plans to remain informing the customers affected in the breach by August 13, 2018. According to their statement, those who do not hear from Butlin’s by August 13, 2018, can issue they remained unaffected from the incident.