Hot Topics
Security Bloggers Network 
SBN

Data breaches bring more bad news for the travel and leisure industry

by Geoff Forsyth on November 19, 2020

As if the travel, leisure and hospitality industries aren’t having a hard-enough time right now, the latest headlines*1 make for sobering reading.  Leading online brands Expedia, Booking.com and Hotels.com have reportedly been the subject of a third party cyberattacks, which has led to potential breaches of booking information – including names, email addresses, telephone numbers and payment data.

On top of this Ticketmaster*2 has this month been fined £1.25 million by the UK’s Information Commissioner’s Office for failing to keep personal data secure via its online payment page back in 2018. Again, this led to a data hack compromising customers’ payment card information.

As we know, payment card data is likely to be considered the ultimate prize for hackers and it is imperative that businesses consider any areas of potential vulnerability in systems and processes to prevent these types of incidences from occurring.  In doing so, it will not only help firms avoid significant financial penalties from regulators, but also the significant reputational harm that cyberattacks of this nature have on the brands in question.

From the research we conducted a significant three quarters (74%) of consumers said that they would avoid shopping with a brand for a ‘few months’ if they are aware that the organisation has been the subject of a data breach or hack in the last year.

This illustrates the significant risk facing businesses today and emphasises the importance of using technologies that ‘de-scope’ organisations from the requirements of PCI DSS and remove the sensitive cardholder data from their infrastructure – meaning risk is removed as there is no sensitive data stored to steal.

Being able to prove that technology and strict protocols are in place also provides assurances to customers that organisations are taking the security of their personal data seriously, and will hopefully give consumers’ confidence on where they decide to take their spend.

 

References:

  1. https://www.itgovernance.co.uk/blog/millions-of-expedia-and-booking-com-customers-at-risk-after-data-breach?utm_source=Email&utm_medium=Macro&utm_campaign=S01&utm_content=2020-11-13
  2. https://www.aol.co.uk/news/2020/11/13/ticketmaster-fined-a-1-25-million-for-2018-chat-bot-cyber-attack/?guccounter=1&guce_referrer=aHR0cHM6Ly93d3cuZ29vZ2xlLmNvbS8&guce_referrer_sig=AQAAADspQxhjbb8IH7zPDqeAVLcv7-iP7EQF9j7NNKCayNbMVsvSZ3aA1k_jMfhnUnKFwn5hXs6wQYpaFx_1nAdq13Kz41tXEhIKhJuqlx7hZrGYL7-58ojUL1fn29RLj1cQj0NIJHqg96BPzCemhZlL3z_kogUqe3OZ4Yci9Hjp2HHT

The post Data breaches bring more bad news for the travel and leisure industry appeared first on PCI Pal.


Recent Articles By Author
More from Geoff Forsyth

*** This is a Security Bloggers Network syndicated blog from Knowledge Centre – PCI Pal authored by Geoff Forsyth. Read the original post at: https://www.pcipal.com/en/knowledge-centre/news/data-breaches-bring-more-bad-news-for-the-travel-and-leisure-industry/

Geoff Forsyth