Travel broadens the mind for people lucky enough to jet off across the world, but the travel industry has also broadened the horizons of hackers, giving them plenty of opportunities to steal personal data and make huge profits.
Few travellers realise the risks they run when booking flights or hotels - even with some of the most reputable companies in the business. So let’s look in more detail about the state of hacking in the travel sector.
We’ll also look briefly at what can be done to minimise your exposure to cybercrime when you plan your next trip - including the VPN services. That way, you can see the world and stay safe at the same time.
The travel industry has had a rocky journey in recent years
Few sectors of the economy have been hit by hackers like the travel industry. In the past couple of years, travel firms have experienced some massive data breaches which rank among the most serious ever recorded:
1. The 2018 British Airways data breach - In August 2018, British Airways admitted to customers that it had fallen victim to hackers. The UK’s flag-carrying airline told customers that 380,000 transactions had been affected, with hackers making off with payment details (not passport information, fortunately). This included home addresses, email addresses, credit card numbers and expiry dates. As the Guardian reported in October, the lost data was potentially enough to allow the thieves to make purchases on the BA site.
2. United Airlines 2015 Chinese journey - American carrier United encountered similar issues in 2015 when it was targeted by a Chinese hacking group. In this case, manifests (information about individual flights) was part of the data breach - again allowing hackers to steal identities. Amazingly, a couple of years later United managed to leak cockpit codes, potentially giving passengers access to the cockpit. So in some ways, they have been their own worst enemy.
3. Marriott’s Christmas data disaster - In late 2018, the hotel chain Marriott joined our list of travel data nightmares, reporting that the data of 500 million guests at its Starwood subsidiary had been stolen. Moreover, the attackers had apparently been able to harvest customer data since 2014, including all sorts of personal information - just what identity thieves look for.
Wherever you look, the travel sector has been struggling to counteract hackers. From car rental companies like Enterprise and Hertz to package holiday providers like Thomas Cook, very few large companies have managed to avoid putting customers’ records at risk.
This is really alarming from a customer’s perspective. When you book a hotel or flight, are you handing your personal data over to malicious actors? Can you trust your travel partners to protect your data properly? It doesn’t seem like it.
How to manage the risks of travel data breaches
Whatever the risks, we can’t let ourselves be put off exploring the world. So what can individuals actually do if they are keen to travel, but want to keep their data safe?
Here’s a quick checklist of what to do before and after a data breach takes place:
1. Always research the companies you book with. There are many lesser-known flight booking sites around, and not all implement watertight payment security. Check for seals of approval such as recognition by ABTA. This is the UK’s main travel body and effectively regulates which companies can be trusted.
2. Use a VPN to encrypt your personal data. When paying for any travel services, always ensure that your data is encrypted. This is particularly important when booking tickets at airports or on the road - when you may need to rely on public wifi. VPNs provide exactly the kind of protection required. he best free VPN services will also help you work around flight and hotel geo-filters, letting you find cheaper tickets as you navigate the world.
3. When breaches happen, be very cautious about responding to emails. This is crucial. If you are unlucky enough to be caught up in a data breach, make sure you only respond to official emails from the company concerned. Hackers may well try to pose as the company to gain further information (or just to mount opportunistic attacks).
4. Change your passwords and think about adding a password manager. If your data is compromised, it’s vital to change your passwords right away. Replace them with alternatives that are totally unrelated to your older passwords. And if you aren’t confident about dealing with strong passwords, download a password manager tool to do the job.
Don’t let hackers ruin your holidays
Above all, try to stay relaxed and put your worries in the background after booking vacations. The whole point about travel is to let you relax and enjoy what the world has to offer - and fretting about data breaches can ruin the vibe.
But do learn about how to respond if the worst happens, and be sure to investigate the best free VPN services. That way, you can be confident that even if data breaches occur, you’ll have the knowledge and tools needed to minimise any disruption.