June 01, 2018

Travel industry must do more to protect client data


We are the guardians of our client's well-being when they travel. But we also need to be the custodians of their personal information in the best ways available to us.

No one is more sophisticated about big data and the need to protect it than the Japanese. But Japan's largest travel agency, JTB, was the victim of a recent cyberattack that led to the theft of data belonging to 7.9 million users.

This might not seem like such a big thing. After all, what could they get? Names, addresses, email accounts? But wait. Embedded in the reporting of this travel industry cyberattack was one other little fact. They got everyone's passport numbers, a particularly prized piece of information that can be used to create fake passports and travel documents and for identity theft. In other words, in the hacking world, passport numbers are pure gold.

Perhaps the most important message to take away from the JTB hack is that this huge, successful chain likely had one data breach in one branch office where an employee apparently opened a phishing email and downloaded the file attached to it, enabling malware to infect the firm's computers, which revealed confidential customer information stored on the company's servers.

Get the full story at Travel Weekly