The personal details of over 200,000 customers of a British holiday firm Teletext Holidays were left exposed in audio files for several years.
The compromised data includes names, dates of birth, email and home addresses, flight times, and other holiday details, although only partial card details were revealed.
The audio files were reportedly recorded as part of a project to analyze call centers.
All 532,000 data, including the audio, were erased by the travel agency after being alerted, although it seems that they were exposed for more than three years.
The business declared that they are doing everything possible to prevent a repeat of this circumstance.
Source: https://www.infosecurity-magazine.com/news/uk-holidaymakers-data-exposed-for/
TPRM report: https://scoringcyber.rankiteo.com/company/teletext
"id": "tel124711423",
"linkid": "teletext",
"type": "Data Leak",
"date": "08/2019",
"severity": "60",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 200000,
'industry': 'Travel and Tourism',
'location': 'United Kingdom',
'name': 'Teletext Holidays',
'type': 'Holiday Firm'}],
'attack_vector': 'Unsecured Data Storage',
'data_breach': {'file_types_exposed': 'Audio Files',
'number_of_records_exposed': 532000,
'personally_identifiable_information': True,
'sensitivity_of_data': 'High',
'type_of_data_compromised': ['Names',
'Dates of Birth',
'Email Addresses',
'Home Addresses',
'Flight Times',
'Holiday Details',
'Partial Card Details']},
'description': 'The personal details of over 200,000 customers of a British '
'holiday firm Teletext Holidays were left exposed in audio '
'files for several years.',
'impact': {'data_compromised': ['Names',
'Dates of Birth',
'Email Addresses',
'Home Addresses',
'Flight Times',
'Holiday Details',
'Partial Card Details']},
'lessons_learned': 'The business declared that they are doing everything '
'possible to prevent a repeat of this circumstance.',
'post_incident_analysis': {'corrective_actions': 'All 532,000 data, including '
'the audio, were erased by '
'the travel agency after '
'being alerted',
'root_causes': 'Unsecured audio files'},
'response': {'remediation_measures': 'All 532,000 data, including the audio, '
'were erased by the travel agency after '
'being alerted'},
'title': 'Teletext Holidays Data Exposure Incident',
'type': 'Data Exposure',
'vulnerability_exploited': 'Unsecured Audio Files'}