We take the security of our customer personal information very seriously and have very strict policies and procedures in place to safeguard customer personal data.
The company continuously updates and strengthens our systems and processes against unauthorised access, and clearly data security is an area of increasing challenge for all businesses today.
The data which was uncovered was on one isolated AWS server, and related to customer calls made between 10th April - 10th August 2016, a period of 4 months.
Once this matter was brought to our attention, we immediately secured the files in question and completed a full audit of all data storage which were found to be fully compliant with all regulatory requirements.
The company has contacted the Information Commissioner’s Office (ICO), who have advised that due to the type of data and also due to the incident being for a short period and in 2016, it is deemed not necessary for it to be formally reported as a data breach. However in order to provide complete transparency, we have decided to record the incident with the ICO as a matter of course.
We continue to fully comply with our legal obligations, and the company is taking all appropriate steps to ensure that this situation does not occur in the future.
Our booking procedure does not allow agents to take card numbers over the phone. Customers are asked to key their card details into a secure automated system. If a customer attempts to give their card information verbally, they are stopped by the agent.
Over the course the last three years we haven't had any customers reporting that they have been affected by this situation. Customers who booked a holiday during this four month period in 2016, and who are concerned, are advised to call us directly on 0207 741 1200 to speak to a member of our team.
Keep an eye out for our fantastic deals and offers coming to an inbox near you!