Melbourne-based travel company, Inspiring Vacations, has fallen victim to a major data breach, compromising the personal information of thousands of individuals. The breach, involving an unsecured 26.8GB database containing over 112,000 records, exposed passport and travel details. The severity of the incident was revealed by cybersecurity expert Jeremiah Fowler.
In the wake of the breach, John Baird, CEO of Revio Cyber Security, has advised companies utilizing Amazon Web Services (AWS) to conduct a thorough review of their settings or seek guidance from security specialists. Baird highlighted the security challenges posed by AWS’s direct internet connectivity design and recommended a mini-audit of S3 configurations to ensure robust security measures.
Baird also emphasized the importance of businesses aligning with privacy laws, irrespective of their annual turnover, citing changes in the Privacy Act. Compliance with these regulations is now universally applicable, underscoring the significance of prioritizing data protection and privacy.
The Council of Australian Tour Operators (CATO), of which Inspiring Vacations is a member, stressed that cybersecurity remains a top priority for the travel industry. CATO’s Managing Director, Brett Jardine, highlighted ongoing efforts to keep members informed about cybersecurity trends and provide access to experts for advice.
In response to media reports, Inspiring Vacations disputed the scale of the data breach, asserting that the actual size of the incident is ‘significantly smaller.’ The conflicting statements add complexity to the situation, warranting further investigation into the true extent of the breach and its implications for affected individuals.