Fota Wildlife Park says it has now contacted all of the customers affected by the cyberattack on its website which emerged earlier this week.
In an update, the park confirmed once more that the attack had occurred and said that “appropriate measures” had been taken to secure its website.
Details of the attack first emerged on Wednesday evening when the park contacted all patrons who had paid for tickets on its website between May 12 and August 27 of this year, and advised them to delete their credit cards.
As of Friday evening — following 24 hours where no access was permitted — the website was operating once more, albeit with the online ticket functionality removed.
“The incident has been notified to the relevant authorities and Fota Wildlife Park is cooperating with those authorities,” a spokesperson said.
While Fota Wildlife Park has made contact with all of its customers who were potentially affected by the breach, no further update for those customers has been forthcoming as yet.
It is as yet unclear how many customers were affected by the attack.
One affected customer who responded to Fota Wildlife Park’s initial mail late on Wednesday night received a further response on Friday, noting that as a “live investigation is ongoing, we cannot provide further details other than the email communication you received from us”.
The park is “co-operating with the authorities”, the response read, adding the park’s apologies “for any inconvenience this has caused”.
One customer, Cork-based physiotherapist Bryan Jacob, previously told the scammers had attempted to remove €600 from his Revolut bank account earlier in August, with €280 of that money eventually lost.
thatMr Jacob had used his Revolut credit card to purchase tickets from Fota Wildlife Park’s website late in July.
Neither Revolut nor Google Pay were willing to take responsibility for Mr Jacob’s loss, with the matter thereafter referred to the financial ombudsman.
Fota Wildlife Park remains open for business but only tickets bought physically at its kiosks are currently being accepted.
The park said its incident response plan was instigated once evidence of the “illegal cyberactivity” on its site was notified.
A spokesperson for the Data Protection Commission confirmed a data breach notification had been received from the wildlife park and is currently being investigated.
A Garda spokesperson meanwhile said the force had “been made aware of a possible malware incident involving a commercial business in County Cork”.
“Gardaí attached to the Crime Functional Area, Cork County Division are currently working with and assisting the business in relation to this incident,” they said.
The National Cyber Security Centre said it was “aware of the incident involving Fota Wildlife Park and continues to work closely with them”.