Abta website targeted in cyber attack

The Association of British Travel Agents said on Thursday that a cyber attack on its website may have affected around 43,000 individuals and 650 of its members.

The incident occurred on 27 February and related to some customer information, including complaints about Abta members and to documents uploaded via the website in support of Abta membership.

The organisation said about 1,000 files accessed may include the personal identity information of individuals who made complaints about Abta members.

Abta said the majority of the data related to email addresses and passwords for any Abta member or customer of a member that had registered on abta.com. Although the passwords were encrypted, meaning there is a very low exposure risk of identity theft or online fraud, members and affected customers were being urged to change their passwords.

Chief executive officer Mark Tanzer said the group is not aware of any information being shared by the infiltrator.

“We are actively monitoring the situation, but as a precautionary measure we are taking steps to warn both customers of Abta and Abta members who have the potential to be affected. We are today contacting these people and providing them with information and guidance to help keep them safe from identity theft or online fraud. We have also alerted the relevant authorities, including the Information Commissioner and the Police.

“I would personally like to apologise for the anxiety and concern that this incident may cause to any customer of Abta or Abta member who may be affected. It is extremely disappointing that our web server, managed for Abta through a third party web developer and hosting company, was compromised, and we are taking every step we can to help those affected. I will personally be working with the team to look at what we can learn from this situation.”