Travel firm hit by £150,000 data fine

Travel firm hit by £150,000 data fineThe company behind online travel services company Essential Travel has been slapped with a £150,000 fine after a “staggering lapse of data security” revealed more than a million people’s personal details to a malicious hacker.
The Information Commissioner’s Office has issued the fine to Think W3, after Essential Travel was hacked in December 2012 after using insecure coding on its website. The hacker extracted a total of 1,163,996 credit and debit card records, of which 430,599 were identified as current and 733,397 as expired.
Cardholder details had not been deleted since 2006 and there had been no security checks or reviews since the system had been installed.
ICO head of enforcement Stephen Eckersley said: “This was a staggering lapse that left more than a million holiday makers’ personal details exposed.
“Data security should be a top priority for any business that operates online. Think W3 accepted liability for failing to keep their customers’ personal data secure; failing to test their security and failing to delete out-of-date information.
“The public’s awareness of the importance of data protection is rising all the time. Ignorance from data controllers is no excuse. They must take active steps to ensure the personal data they are responsible for is kept safe or face enforcement action and the resulting reputational damage.”
Last week, the ICO was forced to admit it had suffered an internal data breach at its offices, although the regulator failed to give precise details about the scale of the issue or the punishment meted out.

Related stories
ICO admits internal data breach
ICO’s online security ‘safe as houses’
Abortion charity hit by £200,000 fine
Cyber gang banged up for 30 years
Gang held in Santander hack scam
Staffer held over Morrisons breach
Hackers ‘get ugly’ with mega attack
UK data breach fines top £2.5m
ICO defends ‘paltry’ £250k Sony fine
Adobe data attack ‘may hit billions’
Top US stars hit by D&B breach
Foxtons hit by online hack attack

1 Comment on "Travel firm hit by £150,000 data fine"

  1. Travel firm hit by £150,000 data fine http://t.co/MWkIInoS75 #directmarketing #digitalmarketing #dataprotection

Comments are closed.