Thomson data breach a "cautionary tale" for travel firms

Travel firms are being advised to review their data protection practices in light of the headline-hitting data breach suffered by the UK's biggest tour operator, Thomson.

With data security and privacy being front page news these days, travel firms must put in place robust security protocols, says Tnooz.

And contrary to what crisis management experts night say, ensuring transparency with customers as to the safety of their data is the best way to maintain the trust of travellers, says the travel news site.

Reports of the Thomson data breach hit the headlines last week, with the BBC reporting that as many as 458 Thomson customers from around the UK had been affected – bang in the middle of peak travel season.

The news provider said that not only customers' names had been leaked, but also their address, email, phone number, the date of their flight and even the outstanding balance on their holiday.

According to the BBC, the breach occurred on 15 August. Following this, Thomson apologised to customers, saying the data loss was the result of a "genuine error".

In a statement the firm said: "We are aware of an email that was sent in error, which shared a small number of customers' information. The error was identified very quickly and the email was recalled, which was successful in a significant number of cases."

Thomson will not be offering any compensation, the BBC reported.

When approached by Tnooz, the firm failed to give any further details about the data breach – and its handling of the case is a "cautionary tale" for travel firms, the news site says.

Customers were not offered concrete details about the incident, for instance, whom, or from which department, and in what context the email was wrongly sent. Additionally, there's no information about whether the customers concerned had booked online or in a high street agency.

This means that travellers don't know if this is a serious flaw in the travel firm's security, or was the result of a laptop left on a train. Travel firms must set consumers' minds at rest through complete transparency, Tnooz argues.

"Firms do need to have a strategy in place because data security and privacy is now front page news. A few years ago mainstream news outlets inevitably found an "airport getaway chaos" story to frighten us all during busy travel periods – perhaps data breaches are now fulfilling the same function," warns the site.