Select Page

NZ Incident: New Zealand’s AA Traveler “@WeLoveNZ” data breach

NZ Incident: New Zealand’s AA Traveler “@WeLoveNZ” data breach

New Zealand Data Breach, May 13 2022

Vulnerability in @WeLoveNZ database causes data breach at New Zealand’s AA Traveller

Names, email address, passwords and phone numbers compromised

Source: Data breach at @WeLoveNZ | Troy Hunt
Source: AA Traveller apologises after massive data breach | RNZ

New Zealand travel company has report suffering a privacy breach due to vulnerabilities on it’s @WeLoveNZ website.

Hackers have taken names, addresses, contact details and expired credit card numbers from the AA Traveller website used between 2003 and 2018.

AA travel and tourism general manager Greg Leighton said the data was taken in August last year and AA Traveller found out in March.

He said a lot of the data was not needed anymore, so it should have been deleted, and the breach “could have been prevented”.

Security investigator Troy Hunt posted a tweet showing a letter from AA Traveller to users confirming the incident and providing advice to members.

“Data breach at @WeLoveNZ. This is pretty well-written; I like the sincerity and owning of the incident, would have liked to see a timeline though as “recently” is very open to interpretation.”

– Troy Hunt

AA Traveler statement

 


About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More Australian News

Weekly Australian News and Monthly Incident Review Emails

No advertisements, marketing, sales, or unsolicited emails. Your email address is ONLY used to send the publications listed above.

* indicates required


Shares
Share This