Sunweb confirms data breach, warns customers to be on their guard

News
By published

Tourist agency data stolen in apparent attack

Image depicting hands typing on a keyboard, with phishing hooks holding files, passwords and credit cards.
(Image credit: Shutterstock / janews)
  • Sunweb confirms data breach after phishing emails targeted customers with fake payment requests
  • Attackers stole contact and booking details; sensitive ID and payment data remained secure
  • Incident was contained; breach reported to Dutch authorities; customers urged to contact their banks

Sunweb Group has confirmed suffering a cyberattack and data breach, and has urged its customers to remain vigilant against incoming phishing attacks.

A security notification posted on the travel company's website said Sunweb was made aware of the breach when its customers started receiving phishing emails.

The emails saw victims urged to “confirm their details and make a payment, otherwise their holiday would be cancelled.”

"Fully contained"

Since the emails did not come from Sunweb, but rather from another hacked company’s email server, the company launched an investigation.

This determined Sunweb’s network was breached, and at least some of the information used in the attacks originated from that breach.

The agency did not say who the attackers were, or if they made contact. It did say that they stole people’s names, email addresses, phone numbers, and different booking information (travel dates, destinations, and similar).

On the other hand, credit card details, passwords, and passport or ID document information, remained secure.

The agency also did not say how many people were affected by the breach, or if they will be getting any free identity theft and credit monitoring services, as is standard practice in these types of cyberattacks.

“The incident has now been fully contained, and the affected system has been further secured,” Sunweb confirmed.

After confirming the attack, the agency reached out to affected individuals, and is currently preparing follow-up communication, as well. The affected systems were closed and “additional security measures” implemented. Sunweb did not mention which measures those were.

Finally, it reported the breach to the Dutch Supervisory Authority and told its customers who suspected to have been tricked - to reach out to their banks to try and stop the fraudulent transactions from going through.

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.