7 February Recent data breach illustrates travel industry cyber threat February 7, 2024 By Bec Olsen General 0 Recent data breach illustrates travel industry cyber threat In January, details emerged of a data breach at an Australian travel agency, which saw more than 112,000 records from the company’s database leaked online. The incident saw details including passport images, travel visas, itineraries and tickets, as well as partial credit card numbers, leaked from the company’s non-password-protected database. Cyber breaches in Australia have become a persistent threat to businesses over recent years, and while the Optus and Medibank leaks were the most prominent, a number of cyber breaches are reported each day. From July 2022 to June 2023, 895 data breaches were reported to the Office of the Australian Information Commissioner (OAIC), with 42 of those affecting 5000 or more people. While health service providers, finance companies, recruitment agencies, legal, accounting and management services and insurance businesses are the top five sectors to be affected, the Inspiring Vacations breach illustrates just how attractive travel businesses are to hackers. “The travel sector deals with a significant amount of sensitive data,” says Simon Carter, Division Manager of Executive and Professional Risks at Gow-Gates. “From passport details and visas to payment details and travel itineraries, the information a travel agent or tour operator collects is extremely attractive to cyber criminals, and it’s essential your systems and digital security stand up to the threat today.” The impact of a data breach From a business perspective, a data breach can have huge and long-lasting implications. Firstly, there’s reputational damage. How many people are actively going to choose a company that hasn’t looked after customer data? Secondly, there’s the operational disruption of the breach and the subsequent investigation, followed by the need to review and change business practices. Lastly, consider the direct repercussions of the breach, specifically the legal implications that could follow. Add to that the financial costs – an average of $39,000 per business in 2021-22 – and it’s clear to see the devastating impact a cyber breach can have. A robust approach to cyber security must be embedded within an organisation to minimise the chances of being affected by a data breach – and it’s important to understand that not just the big players are targeted. “You might think that it’s only companies the size of Optus that cybercriminals will find attractive,” says Simon Carter. “However, that’s not accurate – they will just as readily target smaller businesses, which means, regardless of size, it’s imperative you take cyber security seriously. “While stealing data from an Optus-sized business, for example, may result in greater volumes of data, the reality is it will take greater effort, and the business will have a ready-to-go response mechanism. “Smaller businesses can be easier to get into – as we saw with Inspiring Vacations – and how the business responds may not be as firmly established. How to prevent a data breach You cannot eliminate the threat of a cyber breach entirely. However, you can reduce the risk by having robust business practices, including on-time software updates and continual cyber education for employees. Key things that every business should be doing include: 1. Ensuring all software is updated regularly. This means known weaknesses are strengthened, and the most up-to-date software is in place. 2. Running regular cyber security awareness sessions for employees, continually talking about cyber security as everyone’s responsibility, and helping employees spot potential threats. A huge number of cyber breaches are directly or indirectly the fault of human error, such as people clicking on a suspicious link. 3. Ensuring multi-factor authentication (MFA) is enabled where available. 4. Having a documented cyber security policy that details the expectations of employees, plus how the business will respond in the event of an attack. For more advice on how to prepare your business to cope with cyber threats, take a look through the Government’s business cyber security checklist. The OAIC also has some valuable information to help businesses reduce the risk. Of course, having the right insurance cover for a cyber breach is essential. Insurance provides an excellent safety net should all mitigation efforts fail, and by working with a broker, underwriter and insurer, you can embed solid practices and mitigation strategies into your every day. “Speak to your broker about the cover your business needs,” says Simon Carter. “Some cyber exposure may be covered under a Directors and Officers policy, while other exposure may need a dedicated cyber policy.” The importance of getting your cyber security right As illustrated by the Inspiring Vacations breach, every company is a potential victim of cybercrime. Do you have the right mitigation strategies in place, or are you effectively crossing your fingers and hoping for the best? Speak to one of our Travel Team today, and we can help you protect your business from the threat of cybercrime. Katie Robinson | Team Manager – krobinson@gowgates.com.au Sandra Hall | Account Executive – shall@gowgates.com.au Alana Strassmeir | Assistant Account Broker – astrassmeir@gowgates.com.au Related Articles Travel Industry’s Night of Nights Set to Sparkle Thanks to Generous Sponsor Support 9 October 2025: With the National Travel Industry Awards (NTIA) shaping as the best in the event’s history, the Australian Travel Industry Association (ATIA) extends its heartfelt thanks to our sponsors without which the awards would not be possible. Travel Industry Shines Bright on its Night of Nights as NTIA 2025 Celebrates Excellence 18 October 2025: The Australian Travel Industry Association (ATIA) has tonight celebrated the very best of the Australian travel sector, with almost 1,200 industry professionals coming together at a sold-out National Travel Industry Awards (NTIA) at The Star, Brisbane. ATIA Highlights the Critical Role of Travel Advisors This Global Travel Advisor Day The Australian Travel Industry Association (ATIA) is using Global Travel Advisor Day (7 May 2025) to highlight the critical contribution accredited travel businesses and their incredible staff make every day to safer, smarter travel and championing their value as trusted professionals supporting millions of Australians. Travel has a new home – the Australian Travel Industry Association (ATIA) The Australian Travel Industry has a new peak industry body representing travel agents and advisors, tour operators, consolidators and wholesalers replacing the Australian Federation of Travel Agents (AFTA) effective today. Golden Age of Travel Agents: Industry Hits Back at Misleading KPMG Report The Australian Travel Industry Association (ATIA) has rejected claims in KPMG’s latest research report that the travel agent profession is in decline, describing the findings as misleading and disconnected from both real-time industry activity and government-backed projections. Travel Heavyweights Gather to Debate Industry Future at Beyond Borders This Friday October 15 2025: The latest trends in travel as well as the future of the industry over the next five years will feature heavily in the Beyond Borders summit on Friday at The Star in Brisbane as a ‘Who’s Who’ of the industry gathers ahead of the NTIA at the same venue on Saturday. Showing 0 Comment Comments are closed.