LAST UPDATE | 29 Aug
FOTA WILDLIFE PARK has said it is in the process of contacting “all potentially impacted customers” after it was hit by a cyberattack.
In an email to customers yesterday, the Cork attraction warned customers that their financial information may have been compromised due to the breach.
It said that after it became aware of illegal activity on its website, it took “immediate steps to investigate and identify what information had been accessed on our website in order to carry out containment measures”.
“One of the steps that we have taken is to remove all access to the user accounts on the website. We have also engaged external forensic cyber security experts who are investigating the incident on our behalf,” the park said.
It said that for anyone who made transactions on the website between 12 May and 27 August, “there is a risk that your financial information may be compromised”.
The wildlife park “strongly” recommended that customers cancel the credit or debit card used to make payments on the Fota Wildlife Park website between 12 May and 27 August.
It also advised customers to review their bank account and credit card statements since 12 May “to identify potential suspicious activity which may indicate that your account has been compromised”.
“We understand that this may be of significant concern to you. We would like to assure you that we take our responsibility to protect your personal and financial information seriously and have given this matter the utmost priority,” the email stated.
The wildlife park told customers that the incident has been notified to the Data Protection Commission (DPC) and that they are also liaising and working with An Garda Síochána.
The website for the park is now offline, but the park remains open.
“Fota Wildlife Park can confirm that illegal cyber activity was recently identified which impacted its website,” it said in a statement to The Journal.
“The organisation’s incident response plan was immediately activated, an internal investigation was instigated and appropriate measures were taken to secure the organisation’s website.”
It said the incident has been notified to the relevant authorities and that the park is cooperating with them.
“Fota Wildlife Park is in the process of contacting all potentially impacted customers. In the meantime, Fota Wildlife Park’s day-to-day operations continue as normal.”
A security source said that it is believed that it may be similar to a 2018 cyber attack on British Airways and it appears that the breach is related to payments passing through the website.
The Data Protection Commission has confirmed that it has received a notification and is assessing the information provided by the park’s operators.
Bank of Ireland said its customers impacted by the “Fota Wildlife Park issue can contact our customer service team (1800 946 764) who can cancel their existing card and arrange a new one.
“Customers can also freeze their cards immediately within the Cards section of our mobile app.”
Brian Honan of BH Consulting is a leading cyber security expert – he said that it is advisable for customers to cancel the banking cards they have used to make payments at Fota Wildlife Park and to change passwords.
“I recommend they follow the advice from Fota.Firstly, if the password you used to enter the Fota Wildlife Park website is a password you use across many other websites, then go change your password on those websites and systems, and if it is available, enable multi factor authentication on those sites and systems as well, because that will provide a second step of safety if criminals try and use your password.
“I would definitely take the advice and cancel your credit card and debit card, because at this stage, you don’t know if the criminals have access to it and if they start using your credit card for purchasing things or anything else, it could come back to bite you, because at this stage, you know your credit card has potentially been stolen.
“So notify your financial advisor, cancel your credit card and monitor your bank account or credit card statements to see if there’s any unusual activity,” he said.
Honan said the type of cyber attack by criminals is not an unusual method and would like have involved the criminals having access to data across the system.
“The fact that the website, the focus the commentary around the website were and not any of their back end systems would say to me that somehow their website got compromised and that the criminals were able to put code on the website to monitor all activity on that site, such as people logging in, thinking their passwords, credit card details, and sending the information to the criminals.
“So you go into book your day out in Fota Wildlife Park – you enter your name, address, your credit card details and you hit purchase.
“It goes through the website, and it goes through the Fota Wildlife Park systems, and everything worked. You got your tickets, but at the same time my guess is that information was being copied over to criminals somewhere else,” he added.
Honan warned that criminals are diversifying their methods as online commerce continues to increase.
“Other organisations should note the Fota incident and they should learn from it and ensure that their websites have been designed and developed in a secure manner, that they are monitoring their websites for any unusual activity, and in particular, any changes to the software on their websites, and that they have an appropriate incident response plan in place should that breach happen.
“Finally they should be regularly testing the security of their website by having what is called penetration tests, which is where security professionals will try and break into the site the same way as a criminal would break into it just to make sure it’s secure,” he added.
With reporting from Niall O’Connor
To embed this post, copy the code below on your site
have your say