A TRAVEL AGENCY has acknowledged an online data breach which meant that a number of customers’ personal data – including passport numbers – were publicly available for a short time.
A security flaw on the Go4Less.ie website allowed members of the public to access the personal details, which also included phone numbers and addresses, of a small number of people through search indexes on sites like Google.
A spokeswoman for the Office of Data Protection confirmed to TheJournal.ie that the travel agency had acknowledged and rectified the problem.
The spokeswoman said Go4Less had confirmed the breach “affected one person who has been made aware” of the difficulties.
TheJournal.ie was able to view personal details for a handful of users, however. The flaw has since been addressed.
The data had been supplied to the company by personal customers who were using its website to register for J1 travel visas to the United States.
Go4Less.ie is to provide a full report on the matter for the Data Protection Commissioner, Billy Hawkes.