The Travel Corporation Data Breach Lawsuit

In February 2018, The Travel Corporation failed to prevent a phishing scam that resulted in the breach of thousands of employees’ private data. Every U.S. employee of TTC was affected by the breach, which could lead to identity theft, credit card fraud, and other damages.

Our attorneys may pursue legal action against TTC on behalf of its employees. If you or a loved one work for TTC in the U.S. and had your identity stolen after this data breach, please contact us as soon as possible. You could be owed money for damages.

What is The Travel Corporation?

The Travel Corporation (aka “TTC” or “TravCorp”) is a global travel and leisure group made up of hotels, cruise ships, and tour operations. TTC operates in more than 60 countries around the world, including the U.S., UK, Canada, Germany, France, Italy, and China.

The company says it serves 1.5 million customers a year. Its brands include Trafalgar, Insight Vacations, and Cost Saver. TTC is headquartered in Toronto and has a staff of 10,000 employees. Its Founder and Chairman is Stanley S. Tollman.

How did the Travel Corp. data breach happen?

On February 26, 2018, TTC’s Director of Human Resources fell prey to a phishing scam. The HR Director received an email from someone claiming to be the company’s Global Chief Executive Officer. This person asked for payroll information and all copies of TTC employees’ 2017 W2 tax forms.

The HR Director unfortunately complied, sending over the names, addresses, social security numbers, and W2s for all current American employees of TTC, as well as some former American employees.

TTC later realized that the recipient of this information was not actually the Global CEO but was in fact an unauthorized hacker. The company then reported this incident to the Federal Bureau of Investigation (FBI) and to the three major credit reporting bureaus (Equifax, Experian, and TransUnion).

Who was impacted by the Travel Corp. data breach?

All current U.S. employees of The Travel Corporation, and some former employees, had their data breached in the February 2018 phishing scam. The stolen data included:

  • Names
  • Addresses
  • Social Security Numbers
  • 2017 W2 forms

W2 forms include salary information, among other sensitive data.

What is the potential fallout from this breach?

Because the hacker was able to acquire the names, addresses, social security numbers, and W2s of so many employees, identity theft is a real threat. The hacker or hackers could sell this information to the highest bidder on the dark web—or use it themselves to open credit card accounts and/or file false tax returns in the victims’ names.

A fraudulent credit account can cause a person’s credit score to crater, costing them jobs, loans, and even housing. Credit report errors are extremely common, occurring in 20 percent of credit card holders. They are also notoriously hard to correct.

As advocated by TTC, employees impacted by this breach should immediately set up fraud alerts with a major crediting bureau. By doing so, creditors will contact the consumer for verification before opening a new credit account.

American TTC employees should also monitor all bank and credit accounts for suspicious or fraudulent activity.

Who is eligible for a Travel Corp. data breach lawsuit?

Anyone whose data was breached in the February 2018 phishing scam who then had their identity stolen or otherwise suffered financial losses as a result of the breach.

If you or a loved one work for TTC in the U.S. and suffered financial harm after this data breach, please contact us as soon as possible. You could be owed money for damages.

How do I join the Travel Corp. class action lawsuit?

Our firm is currently looking for a class representative in order to file a class action lawsuit on behalf of all TTC employees similarly affected by this data breach. If you think you may qualify, contact us for a free, confidential legal consultation.

Which law firm is best for data breach lawsuits?

John Yanchunis of Morgan & Morgan is America’s top data breach lawyer. He is Lead Plaintiffs’ Counsel on the largest class action lawsuit in history—regarding the Yahoo data breach that allegedly compromised the data of three billion people around the world.

Mr. Yanchunis is also on the Plaintiffs’ Steering Committee in the Equifax data breach case. He filed that lawsuit (now part of a multidistrict litigation) after unauthorized users accessed the private data of 145 million Americans, whose credit Equifax monitors.

Mr. Yanchunis has also represented consumers in the Home Depot and Target data breach lawsuits, which settled for $13 million and $10 million, respectively.

Contact us if you work for The Travel Corporation and were the victim of identity theft or credit card fraud after the February 2018 data breach. And Check regularly to stay up to date on other breaches and privacy issues that may affect you.

Did you find what you need?