Butlins customer data exposed following phishing attack

Data of 34,000 customers exposed but not payment details, claims Butlins

Holiday company Butlins has admitted a security breach in which the data of around 34,000 customers was exposed.

However, it has also claimed that no payment details were compromised.

In an open letter to customers from managing director Dermot King, he wrote: "The data which may have been accessed includes booking reference numbers, lead guest names, holiday arrival dates, postal and email addresses and telephone numbers.

"Our investigations have not found any evidence of fraudulent activity related to this event, but our data security experts will continue to work around the clock and have improved a number of our security processes."

King added that the Information Commissioner's Office had been informed and that measures were being put in place to prevent a reoccurrence. All customers who may have been affected will be contacted directly before the close of play on Monday 13 August.

The breach has been traced to a phishing attack.

In the letter, King added: "I would like to apologise for any upset or inconvenience this incident might cause. A dedicated team has been set up to contact all guests who may be affected directly. I would like to personally reassure guests that no financial data has been compromised.

"Guests who may have been affected are being contacted directly by Butlin's to let them know what's happened, what they should do and what is being done to resolve the situation."