Data relating to around 43,000 individuals – agents, operators and customers – has been illegally accessed after ABTA’s website was hacked.
ABTA said the data security incident, which took place on February 27, was possible due to a vulnerability by the third party web developer and hosting company of its site.
The association said an individual has been identified in relation to the breach but it could not comment further as it was now in the hands of police.
It insisted the vast majority of the 43,000 relate to people who have registered on abta.com, with email addresses and encrypted passwords, or have filled in an online form with basic contact details which are at ‘very low exposure risk to identity theft or online fraud’.
But around 1,000 were files that may include personal identity information of customers of ABTA members in support of a complaint and 650 may include personal identity information of ABTA members.
All those affected are being contacted today and ABTA has also set up a special phone line: 0203 758 8779.
"I would personally like to apologise for the anxiety and concern that this incident may cause to any customer of ABTA or ABTA member who may be affected," said chief executive Mark Tanzer.
"It is extremely disappointing that our web server, managed for ABTA through a third party web developer and hosting company, was compromised, and we are taking every step we can to help those affected.
"I will personally be working with the team to look at what we can learn from this situation."
Tanzer said ABTA had become aware of the breach on March 1 but that it had taken some time to establish what had been accessed and whether anyone was at risk.
"ABTA immediately engaged security risk consultants to assess the potential extent of the incident. Specialist technical consultants subsequently confirmed that the web server had been accessed," he said.
He said the association was not aware of any information being shared beyond the infiltrator.
"We are actively monitoring the situation, but as a precautionary measure we are taking steps to warn both customers of ABTA members and ABTA members who have the potential to be affected.
"We are today contacting these people and providing them with information and guidance to help keep them safe from identity theft or online fraud. We have also alerted the relevant authorities, including the Information Commissioner and the police."
p.p1 {margin: 0.0px 0.0px 0.0px 0.0px; font: 14.7px Calibri; -webkit-text-stroke: #000000} span.s1 {font-kerning: none}















