News

Abta insists ‘very low risk’ of identity theft or fraud

See also: Abta reveals cyber breach

Abta is contacting 43,000 members of the public and 650 members following a breach of its webserver and possible theft of data.

But Abta said “the vast majority” were “at very low risk” of identity theft or online fraud.

Abta’s server is managed through a third party and the association said its own IT systems remain secure.

Mark Tanzer, Abta chief executive said: “There is no evidence of data being taken or copied, but we can’t be certain. So we’re contacting everybody affected to advise them of the measures they can take to protect against data fraud.”

The breach occurred on February 27 and was discovered two days later on March 1.

Tanzer said: “On being informed we had to find out what had happened, what data had been accessed and whether any data had been removed.

“The first thing we did was to establish how this was done technically and close that off, then carry out a full test of our systems.”

He said there appeared to have been a single breach and police had identified the online identity of the perpetrator.

The breach had affected about 43,000 individuals, Abta said, of which “around 1,000 files may include personal identity information of customers of Abta members [and] around 650 may include personal identity information of Abta members.

“The vast majority relate to people who have registered on abta.com with email addresses and encrypted passwords or have filled in an online form with basic contact details which are types of date at a very low exposure risk to identity theft or online fraud.”

Tanzer said: “The advice we have is that that this looks an opportunistic attack.”

The breach affects the email addresses and encrypted passwords of those registered on abta.com, contact details of customers of Abta members who have used the site to register a complaint, “a smaller volume of data” uploaded via the site by members of the public who had submitted documentation to support a complaint since January 11, and data uploaded by Abta members using the self-service facility on abta.com.

Abta is in the process of contacting all 43,000 individuals by email and has set up phone lines for them to call for further information.

It is advising Abta members and members of the public registered on the site that passwords were encrypted, but that they should change their passwords as a precaution.

Abta head of brand and business development Victoria Bacon said: “Our main concern is to give accurate information to anyone affected.”

 

The Metropolitan Police is investigating the attack.

The members-only helpline is 0203 758 8779.

See also: Abta reveals cyber breach

Share article

View Comments

Jacobs Media is honoured to be the recipient of the 2020 Queen's Award for Enterprise.

The highest official awards for UK businesses since being established by royal warrant in 1965. Read more.