Hacker used flaw in web server to access Attack.Databreach data uploaded to website of holiday and travel association . Hackers used a flaw in the web server running the website of ABTA , the UK 's largest holiday and travel association , to access Attack.Databreach the data of as many as 43,000 people . ABTA CEO Mark Tanzer says an `` external infiltrator '' used a vulnerability in the firm 's web server to access Attack.Databreach data provided by its members and some of those members ' customers . ABTA is the UK 's largest travel association , representing travel agents and tour operators that sell £32bn of holidays and other travel each year . It said the unauthorised access Attack.Databreach -- on 27 February 2017 -- may have affected 43,000 individuals . Around 1,000 of the accessed files may include personal identity information relating to customers of ABTA members , submitted in support of their complaint about an ABTA member . These files relate to complaints uploaded to ABTA after 11 January 2017 . Additionally , around 650 files may include personal identity information of ABTA members . But Tanzer said : `` We are not aware of any information being shared Attack.Databreach beyond the infiltrator . '' The travel trade association said the vast majority of the 43,000 were people who had registered on abta.com , with email addresses and encrypted passwords , or have filled in an online form with basic contact details `` which are types of data at a very low exposure risk to identity theft or online fraud '' . Once it became aware of the intrusion , ABTA notified the third-party suppliers of the abta.com website , who immediately fixed Vulnerability-related.PatchVulnerability the vulnerability , and the association hired risk consultants to assess the potential extent of the incident . It has also alerted the Information Commissioner and the police . `` It is extremely disappointing that our web server , managed for ABTA through a third party web developer and hosting company , was compromised , and we are taking every step we can to help those affected , '' said Tanzer . ABTA said Vulnerability-related.DiscoverVulnerability its own systems remained secure and the vulnerability was in the web server for abta.com , which is managed for ABTA through a third-party web developer and hosting company . The association said that ABTA members or members of the public who have registered on abta.com should immediately change their password and , if they used this password or any variation of it for other accounts , they should change that too . It said ABTA members who have used ABTA 's online self-service facility to upload supporting documentation relating to their membership may have had their data accessed Attack.Databreach , and `` should remain vigilant regarding online and identity fraud '' .

Yahoo , Adult Friend Finder , LinkedIn , Tumblr and Daily Motion all have something in common : in 2016 , details of massive hacks perpetrated against the companies were disclosed . The firms represent a handful of the companies and public bodies around the world that suffered at the hands of hackers last year . Data compromised Attack.Databreach usually included names , emails , and physical addresses , and even personal bank details , ethnicity data , and phone numbers . And the hacks aren ’ t stopping anytime soon . 2017 has already been dominated by numerous data breaches Attack.Databreach and the most recent affects the Association of British Travel Agents , commonly known as ABTA . To keep you in the loop on data breaches Attack.Databreach this year , WIRED will keep a running tally of successful hacks . The abta.com web server for the Association of British Travel Agents ( ABTA ) was recently hacked Attack.Databreach by “ an external infiltrator ” who exposed Attack.Databreach the details of 43,000 individuals . Around 1,000 of these included files that could include personal identity information of customers of ABTA members uploaded since 11 January 2017 , while around 650 may also include personal identity information of ABTA members . As the UK ’ s largest travel association , ABTA ’ s members include travel agents and tour operators . The unauthorised access Attack.Databreach was said to be possible due to a system vulnerability “ that the infiltrator exploited ” to access Attack.Databreach some data provided by some customers of ABTA Members and by ABTA Members themselves . On immediate investigation , ABTA said Vulnerability-related.DiscoverVulnerability it identified Vulnerability-related.DiscoverVulnerability that although ABTA ’ s own IT systems remained secure , there was a vulnerability to the web server managed for ABTA through a third-party web developer and hosting company . “ This , unfortunately , means some documentation uploaded to the website , as well as some information provided by customers , may have been accessed Attack.Databreach , ” ABTA ’ s CEO , Mark Tanzer said . As a precautionary measure , it has taken steps to warn its members and customers of ABTA members who have the potential to be affected . The group has also alerted the relevant authorities , including the Information Commissioner ( ICO ) and the police .

Payday loan firm Wonga has suffered a data breach Attack.Databreach affecting up to 245,000 customers in the U.K. A further 25,000 customers in Poland may also be affected , according to the BBC . It says it does not believe customers ’ Wonga account passwords were compromised Attack.Databreach but suggests concerned users change their password anyway . Wonga is warning affected customers to be “ extra vigilant ” and to alert their bank of potential risk — though it says it will also be contacting financial institutions about the breach . We ’ ve reached out to Wonga with questions and will update this story with any response . Update : In a statement a spokesperson for the company told us : “ Wonga is urgently investigating illegal and unauthorised access Attack.Databreach to the personal data of some of its customers in the UK and Poland . We are working closely with authorities and we are in the process of informing affected customers . According to The Guardian , the company became aware of a problem last week but only realized on Friday that data could be accessed Attack.Databreach externally , and only started contacting affected customers on Saturday . The U.K. ’ s data protection regulator , the ICO , has apparently been informed of the breach — although it ’ s unclear when . An ICO spokesperson did not respond to the question , providing this statement instead : “ All organisations have a responsibility to keep customers ’ personal information secure . Where we find this has not happened , we can investigate and may take enforcement action ” . Back in 2014 the company had to write down $ 340 million in unpaid loans , following an investigation by the U.K. ’ s Competition and Markets Authority over its lending practices . It was also fined by the regulator for sending Attack.Phishing fake lawyers ’ letters to customers in arrears . Although Wonga attracted substantial tech investment for a real-time automated decision-making platform for affordability checks , it ended up having to write off the loans of 330,000 customers , and waive the interest and fees for a further 45,000 — raising questions about the efficacy of its algorithms . Tightened criteria on short-term loans by the U.K. financial regulator ultimately shrunk the size of Wonga ’ s business , which saw losses double in 2015 — to £80.2 million .