Butlins Report Personal Data Breach
The holiday camp chain has reported a personal data breach which could affect up to 34,000 customers following a cyber breach.
Blaming a phishing attack, indicating that an employee has likely been tricked by an email, customers are being warned that their names, addresses, contact details and arrival dates for their holidays may have been attained.
Butlins have advised that no financial information was at risk, however.
The company had begun notifying customers about the breach, in line with the EU’s General Data Protection Regulation (GDPR) and the UK’s GDPR-aligned data protection laws, which must be done within 72 hours of the breach being discovered.
While the incident has been reported to The Information Commissioner’s Office (ICO) a spokesman for the holiday firm advised that they “cannot be definitive at the moment with regard to whether all data was hacked”.
Phishing attacks are used by hackers as they are simple but effective. Email is a key part of a business nowadays, employees are not vigilant enough to the signs of a phishing email or are too busy to look out for them. This latest breach, however, highlights the need to ensure that employees are working as the first line of defence.
Phishwise is a new product we are launching at Xenace, looking to not only test your employee’s ability to recognise an attack but to also educate them through video training. If you would like more information on how we can help your company to avoid similar attacks, Get In Touch Today.