Cyber Incident Victim: Liberty Bus
Date: May 2019
Location: Jersey
Summary
A bus operator experienced a data breach when hackers deployed a spoof website targeting customers attempting to top up prepaid travel cards, compromising login credentials and passwords for 443 users across two jurisdictions. The incident affected online top-up portals exclusively, with no bank details accessed. The operator swiftly shut down the fraudulent site, reported the breach to authorities within hours of discovery, and notified all impacted individuals. An active investigation is underway with the Information Commissioner's Office and the operator's web hosting provider. Officials commended the organization's proactive response while emphasizing that breaches are inevitable, underscoring the broader risk of password reuse across multiple platforms as highlighted by the incident.
Description
On or around May 15, 2019, LibertyBus discovered a data breach affecting customers attempting to top up prepaid AvanchiCards through its website. Hackers had created a spoof website that diverted users from the legitimate online top-up portals operated by LibertyBus in Jersey and its sister company CT Plus in Guernsey. The attackers successfully obtained login credentials and passwords for 361 LibertyBus customers in Jersey, representing approximately 1.8% of the island's 20,000 AvanchiCard holders, along with 82 CT Plus customers in Guernsey. No financial data or bank details were compromised in the incident. LibertyBus director Kevin Hart confirmed the breach was identified on Wednesday, May 15, with the fraudulent site being deactivated and authorities notified within hours of discovery. The company immediately contacted all 443 affected customers across both jurisdictions and initiated collaboration with the Office of the Information Commissioner and their website hosting provider to investigate the breach.

The incident exclusively impacted customers who accessed online top-up services through the operators' websites during the compromise period. Hart disclosed that his personal AvanchiCard account was among those compromised, using this detail to underscore the broader security lesson about password reuse vulnerabilities. Deputy Information Commissioner Paul Vane publicly commended LibertyBus for its rapid containment measures and transparent response to the breach. The Jersey Evening Post reported these developments on May 18, three days after the breach discovery, noting the Information Commissioner's ongoing investigation while highlighting the operator's proactive breach disclosure and customer notifications. Company leadership issued formal apologies to affected customers and emphasized their serious approach to resolving the security lapse through coordinated investigative efforts with regulatory and technical partners.
