Hundreds of Holidaymakers Hit by Thomson Data Beach

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

By Michael Moore

Hundreds of happy sun seekers may be returning to some unwelcome news this week following the news that their personal details may have been stolen.

Holiday firm Thomson has confirmed that the home addresses, telephone numbers and flight dates of nearly 500 customers were revealed in what the company called a ‘genuine error.’

However, the company has said it will not be offering compensation to any of the 458 customers affected by the leak.

Error

“We are aware of an email that was sent in error, which shared a small number of customers’ information,” a company statement said.

“The error was identified very quickly and the email was recalled, which was successful in a significant number of cases.

“We would like to apologize to our customers involved and reassure them that we take data security very seriously.

“We are urgently investigating the matter to ensure this situation will not be repeated.”

The details were included in an email seen by the BBC, and later confirmed by Thomson, dated August 15, which was immediately recalled by the sender.

Thomson’s data breach is the latest in a series of leaks affecting major companies recently, including a U.S. hack earlier this year that reportedly involved the stealing of one billion email addresses.

A report by security firm Iron Mountain earlier this year found that that 40 percent of public sector bodies have been hit by a data breach as staff are simply too busy to cope, partly due to the implementation of the government’s digital transformation strategy.

In addition, 61 percent of public sector organizations have lost important documents internally with one in four respondents admitting that they are putting potentially sensitive data at risk every day.

TechWeekEurope has contacted the Information Commissioner’s Office (ICO) to see whether it will be investigating the breach, but had not received a request for comment at the time of publication.