AA Traveller apologises after customer data stolen

AA Traveller apologises after customer data stolen

An unnamed legacy website application appears to be the centre of the attack.

Credit: Supplied

AA Traveller has apologised to customers after a breach that could have seen the data of thousands of users compromised.

Between 2003 and 2018, AA Traveller operated a website that allowed customers to make travel bookings, enter competitions and take part in surveys. However, a number of those customers have now had their personal information compromised in a security incident.

"We sincerely apologise about this situation and any inconvenience it may be causing," the company said. "The vulnerabilities have been addressed and the personal information on this system has been secured."

AA Traveller said it had recently discovered the vulnerability in an application where website information was stored.

"Since becoming aware of the issue, AA Traveller immediately moved to remedy the vulnerability and have been working with cyber security advisors to investigate this situation," the company said.

AA Traveller was also working on a detailed forensic investigation while the information on the application had been removed and secured. 

The compromised system is no longer being used.

"The Privacy Commissioner was notified as soon as practicable after AA Traveller became aware of the breach, and notification to individuals are being sent now after confirmation that appropriate measures are in place to adequately address security risks to other information," AA Traveller said.

Customers could reduce risks to themselves by remaining vigilant to phishing emails or scam communications from organisations claiming to be AA Traveller or a financial institution, the company advised.

"You should also continue to be safe online by not responding to any emails or social media communications that you consider suspicious or calls from numbers you don’t recognise."

Follow Us

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags hackinghackwebsite vulnerabilityAAcyber securityAA Traveller



Channel gathers for Nextgen New Zealand's Summer (Somewhere) Party

Channel gathers for Nextgen New Zealand's Summer (Somewhere) Party

Held in Auckland, Nextgen New Zealand's Summer (Somewhere) Party was an opportunity for celebration with a tangerine taste of summer. Nexgen's channel community seized the opportunity to catch-up with familiar faces and enjoy an in-person gathering.

Channel gathers for Nextgen New Zealand's Summer (Somewhere) Party
Show Comments