13 Jun 2022
Post-pandemic has made the travel industry even more vulnerable to hackers.
When the global pandemic COVID-19 hit, it greatly impacted the travel industry by bringing it to a standstill. Recent trends have indicated that travellers are journeying to regions where lockdowns have been lifted. This has definitely become a positive change for people; however, it has come with its own challenges.
Malicious actors are taking advantage of the growing interest in tourism to extort money from tourists, tour operators, and hotels. After the losses they've already incurred for more than a year, attacks on their networks and data breaches could cause more problems for travel companies.
One of the major breaches occurred in August 2021, when a British cybersecurity researcher, Bob Diachenko found his own personal data online after uncovering an unprotected database collecting personal information of over 106 million tourists travelling to Thailand. The exposed personal information consists of full names, arrival dates, gender, residence status, passport numbers, visa information, and Thai arrival card numbers. Diachenko was able to notify Thai authorities about this breach who then secured the database within 24 hours. This breach was a huge invasion of privacy, something that would prevent visits to Thailand. Not only does the breach impact personal information, but could have financial impacts on people’s lives as well.
A more recent exposed breach locally that’s happened is the AA Traveller breach. This has affected thousands of customers. The breach happened in August 2021 but they weren’t aware of it until March 2022. The fact that AA traveller took so long to inform their customers is absolutely unacceptable. Hackers were able to obtain names, addresses, contact details & expired credit card numbers that were on the AA Traveller website between the periods 2003 & 2018. While AA Traveller have secured its site; this is once again a big invasion of privacy that can negatively impact the company and impact the individuals who were not informed till now.
All industries are a target for hackers, so, business resilience is a must! To stay ahead of potential breaches and protect your business, it is essential to create a cyber resilience strategy. Not sure where to get started? Talk to us to get an independent risk assessment to understand where your business's cyber risks are and what your cyber risk appetite is.