I have a question about

Yes, we have a list of all those guests affected, and if you have been contacted, you are on this list.

- First and last name of the main booker
- Email address
- Telephone number
- Destination (campsite)
- Holiday dates
- Travel cost

Yes.

No.

Be vigilant. Do not open any suspicious messages, do not respond to them, and do not click on any links. All contact attempts from the cyber criminals were directed at a limited group of guests and were made via WhatsApp. Roan NEVER includes a payment link in an SMS or WhatsApp message. However, we can email or text you to remind you that there are still payments outstanding for your holiday, but in these messages, you will be asked to go to your ‘My Roan’ account on the website. Your account on the Roan website is safe and secure.

No. This has no effect on your holiday.

In the case of cancelled holidays, cancellation fees will be charged in accordance with our booking terms and conditions.

Since no financial information, passwords, or sensitive personal data have been leaked, and because a prompt warning was given to prevent any actual financial loss, we are not offering any financial compensation for this incident. Our focus continues to remain on the immediate security of your account and the integrity of our systems.

Contact your bank immediately to explain this situation.

Yes, we take this matter very seriously. We are working closely with cybersecurity experts and the relevant data protection authorities.

Yes, our databases are safeguarded with strict security measures, including encryption of data at rest and in transit. This specific incident, however, involved unauthorised access through a vulnerability in the system of an external technology provider, allowing the attackers to bypass these security measures and obtain specific booking data.

We officially discovered the incident on 17 March 2026, following the first reports made to our customer service. At that moment, the breach seemed to only affect those guests whose stay was set to begin in March. However, on 25 March 2026, our external technology provider confirmed that the incident actually affected a much larger group of guests. The exact date of the initial data breach by the unauthorised third party was16 March 2026.

Directly after the discovery, we activated a multidisciplinary crisis management team. We urgently collaborated with our external technology provider to conduct a forensic analysis and patch the vulnerability. Parallel to that, we secured our own systems by resetting passwords on partner platforms and verifying multi-factor authentication (MFA) at all critical access points.

For security and legal reasons, and in particular because an active police investigation is currently taking place, we cannot disclose the name of the specific IT partner in question. However, we can assure you that the leak in their system has been fully patched. Our top priority is to ensure that you have the correct information to protect yourself against the current phishing attempts.

The source of the incident in our partner's system has been definitively identified and blocked. We are continuing the thorough forensic investigation together with cybersecurity experts to ensure that no 'backdoors' remain open. We have also proactively informed the relevant data protection authorities to comply with our legal obligations.

We fully understand your concerns about your privacy and security. To further reassure you, the personal data involved in this incident was limited to contact details (name, email address and phone number). Crucially, no physical addresses or residential locations were leaked.
While we understand that this is worrying, this type of data is typically used by automated systems for digital spam or 'phishing' attempts, and not to physically track individuals. There is no evidence that this incident poses a risk to the physical security of your home.
We advise you to remain vigilant for unsolicited text messages or e-mails.

Our systems are highly secure. The data breach has been contained and does not affect other parts of our systems. For payment, please log in to 'My Roan' on our website.

Based on the forensic investigation conducted by cybersecurity experts, we can explicitly confirm that the unauthorised access was not a long-term or persistent breach. It involved a strictly isolated, one-off exfiltration of data at one specific point in time. The specific vulnerability in the system that was exploited during this one-off event has been completely and permanently fixed. We can assure you that there was absolutely no ongoing access to your data or our reservation systems.