Data breach - Frequently asked questions

EuroParcs has become aware of a data breach in its secure digital environment. This involved personal data of EuroParcs stakeholders.

We follow the definition of the Personal Data Authority (AP): "A data breach involves access to personal data without permission or intention. Where the cause is a breach of the security of this data."

The personal data in question may belong to various types of stakeholders of EuroParcs, including (former) employees, tenants and holiday home owners. An unauthorised party has had access to various types of data, including (email) addresses, dates of birth and telephone numbers. Stakeholders whose personal data may have been involved in some form have been notified personally.

As the security of relations' data is a top priority, we are cautious about what information we share about this incident. We cannot share specific information about our affected IT systems. We feel it is important to mention that our reservation system was not affected. Our newsletter database and our internal accounting system have also not been affected. Reservations can be made safely.

We have high standards for data processing and privacy and take the concerns of potentially affected stakeholders very seriously. Since the incident, we have taken all necessary data security actions and made maximum efforts to mitigate the consequences. Applicable privacy laws and regulations have been observed.

We quickly detected the data breach and subsequently took the affected part of our IT environment offline immediately. EuroParcs also called in relevant experts for advice and support. After several checks, using a "restore" of a secure backup, we were able to restore our IT environment and associated data.

In line with our duty to inform, the Personal Data Authority (AP), the competent authority, was notified. Potentially affected stakeholders were also personally informed of the nature of the data breach, its potential consequences and measures to mitigate these consequences.

Up-to-date information and answers to frequently asked questions can be accessed on this webpage.

Data breaches involve increased risks of misuse of personal data, for example via spam and phishing messages. We ask you to be extra alert to this in the coming period. In addition, always use strong passwords and change them periodically. We also ask you to be extra vigilant for identity fraud. People who suspect that they are involved in this can report to their municipality and the National Fraud & Cyber Crime Reporting Centre (https://www.actionfraud.police.uk). Further information can be found at https://ico.org.uk/for-the-public/identity-theft.

In conducting the research carefully, we work as quickly as possible so that we can provide any affected relations with information and advice at the shortest possible notice. We will also regularly update this webpage with new information.

As also indicated above, we can say with certainty that our booking system has not been hit. Bookings can therefore continue to be made safely and you can go on holiday with peace of mind.

As the reservation system and accounting system have not been hit, invoicing from EuroParcs will take place as you are used to. We ask EuroParcs relations to be extra alert for possible spam and phishing messages in the coming period. Payment requests can only be trusted when EuroParcs payment details are used. You can find more information on https://actionfraudalert.co.uk/.

Yes, you can use our WiFi networks at all EuroParcs locations, without any restrictions. Of course, you should exercise normal caution when using a public WiFi network.

EuroParcs' mailings come from another system, which has not been touched. So there is no risk that your data has been leaked via the mail system. Because a data leak did occur elsewhere in our systems, we still ask EuroParcs relations to be alert to possible spam and phishing messages. For more information on how to deal with such messages, please visit https://www.actionfraud.police.uk/.

Data security is a top priority at EuroParcs. We set the highest standards for our own systems and those of our IT partners. You can read more about this in our privacy statement. Every day, unfortunately, very many organisations worldwide, which, like EuroParcs, take strict data security measures, are affected by such data breaches. Of course, we constantly evaluate whether tightened measures are necessary. We will also do so based on the results of our investigation into this incident.

Data security is a top priority at EuroParcs. We set the very highest standards for our own systems and those of our IT partners. The data breach was quickly detected and then immediately blocked, after which the system was restored. Every day, unfortunately, very many organisations worldwide that, like EuroParcs, take many data security measures, are affected by such data breaches. Naturally, we constantly evaluate whether more stringent measures are needed. We will also do this based on the results of our investigation into this incident.

This is not needed. EuroParcs has reported this incident to the Personal Data Authority.

If you have any questions not on this page, please contact our Data Protection Officer (FG) using the form below.