News

Thousands of Butlin’s customer records hacked

The records of up to 34,000 Butlin’s holidaymakers have been accessed by hackers, the domestic operator confirmed.

While the stolen data does not include payment details, customers’ names, holiday dates, postal and email addresses and telephone numbers are believed to have been accessed.

A spokesperson confirmed that the compromise had taken place within the last 72 hours, and was caused via a phishing email by an “unauthorised third party”.

British companies must notify the Information Commissioner’s Office of any data breaches within 72 hours or face a fine under the EU’s new General Data Protection Regulation,

Butlin’s said its own investigations “have not found any fraudulent activity related to this event”.

It added: “Guests who may have been affected are being contacted directly by Butlin’s to let them know what’s happened, what they should do and what is being done to resolve the situation.”

An ICO spokesperson said: “Butlin’s has made us aware of an incident and we will be making enquiries.”

Butlin’s managing director Dermot King added: “Butlin’s take the security of our guest data very seriously and have improved a number of our security processes.

“I would like to apologise for any upset or inconvenience this incident might cause. A dedicated team has been set up to contact all guests who may have been affected directly.”

Individuals who believe they may have been affected should be cautious not to give out any additional details when contacted by individuals representing themselves as being from Butlin’s, as this is a common activity by fraudsters following data breaches.

Share article

View Comments

Jacobs Media is honoured to be the recipient of the 2020 Queen's Award for Enterprise.

The highest official awards for UK businesses since being established by royal warrant in 1965. Read more.