Travelodge, Fortnum & Mason – Typeform Data Breach

Details below of several data breaches which have happened over the past few days affecting some household names.


Customers of Travelodge are being notified that some of their personal details have been stolen in a data breach.
An email has been sent out 02/07/2018 to customers which explained that:

On Friday, June 29, Travelodge was notified by Typeform, a third party company who manage customer surveys and competitions on behalf of many companies, including Travelodge, that they had been the victim of a data security incident.

This breach may have affected the personal data they hold about you. More information on the details taken can be veiwed here Travelodge Data Breach Statement.

Fortnum & Mason

Fortnum & Mason the retailer to HM the Queen has announced that around 23,000 of its customers have seen their names, email addresses and home addresses, as well as social media handles, compromised by a data breach of a 3rd Party service provider, Typeform, who they use for such services as online surveys and competition entry.

Fortnum & Mason chief executive Ewan Venters is quoted as saying to the Standard:

As soon as we were alerted over the weekend we spent time with Typeform looking at what exactly could be at risk. Thankfully it’s mostly limited to email addresses. There’s no impact on the core systems at Fortnum or highly sensitive information like bank details. I want to stress that there’s no concern about any banking information or credit card data. We have very vigorous pressure testing on core Fortnum & Mason data services.


The link between these data breach announcements and possibly several more to come in the near future if logic is to be considered is a company called Typeform.
Typeform is a Software as a Service (SaaS) company that specializes in online form building and running online surveys. Its client base boast such companies as Apple, Uber and Airbnb.

Typeform have said on the incidents:

On June 27 our engineering team became aware that an unknown third party gained access to our server and downloaded certain information. Some data was compromised. We responded immediately and fixed the source of the breach.

Further information on the incident from Typeform can be veiwed here Typeform Statement

All the organisations involved are quite correctly trying to play down the incident and believe there is little risk to those customers affected.

Whilst risk may be low BMGUK Consultancy Ltd would recommend you remain vigilant when reading emails that may look suspicious, or answering calls from callers alleging to be from the companies  affected.

If you need help or training on things such as staying safe online, Identity Theft or data protection then please feel free to get in touch with BMGUK Consultancy Ltd. With over 20 years experience in IT, Data Protection and Project Management we are well place to assist you with all your needs.


Comments are closed.

Powered by

Up ↑

%d bloggers like this: