
Irish Information Security Forum

ALERT! :- FOTA Wildlife Park Cybersecurity Breach

IISF Alert: August 2024

FOTA Wildlife Park, the popular wildlife attraction in Cork, divulged a significant cybersecurity breach last week. The incident compromised the personal and financial information of visitors who made online transactions on the FOTA Wildlife Park website between May 12 and August 27, 2024.

 

The breach, they say, was identified when unusual activity was detected on the FOTA website. Steps were taken to investigate and contain the breach, including taking the website offline and engaging external forensic cybersecurity experts¹. They confirm that the park's incident response plan was activated, and an internal investigation was launched to determine the extent of the data compromised⁴.

 


 

The specific mechanism used to breach the FOTA Wildlife Park website has not yet been publicly disclosed. However, it is suspected that the attackers may have exploited vulnerabilities in the website's underlying WordPress installation to install malicious code, which then allowed them to access login and credit card data typed into the website's booking forms by users buying tickets online.

 

This type of attack often involves methods such as:

  • SQL Injection: Inserting malicious SQL queries into input fields to manipulate the database.
  • Cross-Site Scripting (XSS): Injecting malicious scripts into web pages viewed by other users.
  • Man-in-the-Middle (MitM) Attacks: Intercepting and altering communication between the user and the website.
  • Malware Insertion: Placing malicious software on the server to capture sensitive information.
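
As an added example (not from FOTA, the IISF or anyone involved in the incident), the following Python check shows one way a site operator can watch for the kind of injected form-capturing code suspected above: it audits a booking page for scripts and form targets on hosts outside an allowlist, and for inline scripts that differ from a reviewed baseline. The page URL, host allowlist, baseline hash and sample HTML are all constructed assumptions.

```python
import hashlib
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse
# Assumed values: page URL, approved hosts, hashes of reviewed inline scripts.
PAGE_URL = "https://tickets.example.org/booking/"
ALLOWED_HOSTS = {"tickets.example.org", "js.payments.example.com"}
KNOWN_INLINE = {hashlib.sha256(b"initMenu();").hexdigest()}

class BookingPageAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings, self._inline = [], None  # results; inline-script buffer

    def _check_host(self, kind, url):
        # Resolve relative and protocol-relative URLs against the page URL.
        host = urlparse(urljoin(PAGE_URL, url)).hostname
        if host not in ALLOWED_HOSTS:
            self.findings.append((kind, host))

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        if tag == "script" and attrs.get("src"):
            self._check_host("script-src", attrs["src"])
        elif tag == "script":
            self._inline = []  # start buffering the inline script body
        elif tag == "form":
            self._check_host("form-action", attrs.get("action") or "")

    def handle_data(self, data):
        if self._inline is not None:
            self._inline.append(data)

    def handle_endtag(self, tag):
        if tag == "script" and self._inline is not None:
            body = "".join(self._inline).strip().encode()
            digest = hashlib.sha256(body).hexdigest()
            if digest not in KNOWN_INLINE:
                self.findings.append(("inline-script", digest[:12]))
            self._inline = None

def audit(html):
    parser = BookingPageAudit()
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample page: only the third and fourth <script> are unreviewed.
SAMPLE = """<script>initMenu();</script>
<script src="https://js.payments.example.com/v3.js"></script>
<script src="//cdn.unreviewed.example.net/a.js"></script>
<script>newCode();</script><form action="/booking/pay" method="post"></form>"""
```

Run on a schedule against the rendered booking page, any non-empty result from `audit()` is a change that someone should review before customers type card details into the form.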

 

Customers who made online transactions during the specified period were advised to cancel their credit or debit cards and monitor their bank statements for any suspicious activity¹³. The park indicated that the breach affected online transactions made through the FOTA website but not in-person purchases² at the park's ticket office. 

 

It is certain that, in addition to financial data, other personal and confidential information was also exposed, such as login ID, password, email, home address, telephone numbers, etc., so it is also advisable to change all passwords and be hyper-aware of phishing attacks across mobile, social and email.

 

While the website is now back online, user accounts and online ticket purchasing remain unavailable.

Notice on relaunched website 

 

FOTA Wildlife Park have notified the Data Protection Commission (DPC) and are cooperating with law enforcement agencies, including An Garda Síochána¹. The park is also in the process of contacting all potentially impacted customers to provide guidance and support².

 

 

Email issued by Fota Wildlife park to customers

Dear Customer,

We are writing to let you know that we recently became aware of some illegal activity on our website.

On becoming aware of this activity, we took immediate steps to investigate and identify what information had been accessed on our website in order to carry out containment measures. One of the steps that we have taken is to remove all access to the user accounts on the website. We have also engaged external forensic cyber security experts who are investigating the incident on our behalf.

 

From our investigation, you should be aware of the following:

  • If you have a user account on the Fota Website, the username, password and email address linked to that account may have been accessed.
  • If you carried out a transaction on our website between the dates of 12 May 2024 – 27 August 2024, there is a risk that your financial information may be compromised. This relates to the credit / debit card details you used to carry out the transaction on our website.

 

We strongly recommend that you take the following actions to protect your financial information:

  • Cancel the credit / debit card(s) that have been used to make payments on the Fota Wildlife Park website.
  • Review your relevant bank account and credit card statements since 12 May 2024, to identify potential suspicious activity which may indicate that your account has been compromised.
  • If you identify any suspicious or unusual activity on your account, please contact your financial institution for further advice.
  • If you use the same password for other accounts, that you also change your password on those accounts.

 

We understand that this may be of significant concern to you. We would like to assure you that we take our responsibility to protect your personal and financial information seriously and have given this matter the utmost priority. We can confirm that the incident has been notified to the Data Protection Commission (DPC) and we are and will cooperate fully with their investigation into the matter. We are also liaising and working with An Garda Síochána.

If you have any queries in relation to this, please email them to: contact@fotawildlife.ie.

Yours sincerely,

The Fota Wildlife Park team

 


References

(1) Fota Wildlife Park issues warning to customers after being hit by cyber .... https://www.thejournal.ie/fota-wildlife-park-cyber-attack-6473969-Aug2024/.

(2) Fota Wildlife Park: How To Protect Yourself After Data Breach. https://thecyberexpress.com/fota-wildlife-park-confirms-cyberattack/.
(3) ALERT: Fota Wildlife Park warns visitors to cancel bank cards following .... https://www.limerickleader.ie/news/national-news/1590949/alert-fota-wildlife-park-warns-visitors-to-cancel-bank-cards-following-cyber-attack.html.
(4) Fota Wildlife Park customers urged to cancel credit cards after .... https://www.breakingnews.ie/ireland/fota-wildlife-park-customers-urged-to-cancel-credit-cards-after-cyberattack-1666369.html.
(5) Fota Park hit by cyberattack and customer credit cards exposed. https://www.siliconrepublic.com/enterprise/fota-wildlife-park-cyberattack-credit-cards-breach.
