The InformationWeek -- Blogs
Security

Topics:   Security

  • Email this page E-mail this page
  • Print this page Print this page
  • Bookmark and Share
  • icon

Best Western Hotel Chain Pwned


Posted by George Hulme, Aug 24, 2008 05:36 PM

According to news reports that started to surface over the weekend, Best Western, one of the world's largest hotel chains -- if not the largest -- is investigating a breach that purportedly has placed millions of its guests' data at-risk, and in the hands of Russian mobsters.

According to this news report in the U.K.'s Telegraph, Best Western GB is currently investigating how its IT systems where breached:

Best Western has confirmed an investigation is under way into how the chain's computer defenses were breached on Thursday night.

Details of how to access the information -- which included home addresses, place of employment and credit card details -- were sold through an underground network operated by the Russian mafia.

The attack scooped up the personal details of guests who stayed at Best Western hotels during the past year, potentially eight million people.

The rest of the details read like a traditional attack. It appears that (and details are always foggy at this point in these types of stories) an attacker was able to plant a Trojan on one of the company's reservation systems. That Trojan then sniffed the username/passwords of users -- which were then allegedly sold to organized crime.

This news report does have a rather optimistic quote from a Best Western spokesman:

Tim Wade, head of marketing for Best Western GB, said it was "unlikely" that whoever was responsible got hold of the details of "every booking at every hotel" in Europe because of the way their system worked.

Now, that's sort of good news. Isn't it?

« The Linkup Online Backup Goes Belly Up -- Lessons? | Main | Revinetix Adds 'File-Level Deduplication' To Backup Appliances »



Sign up now for the weekly InformationWeek Blog Newsletter.


This is a public forum. United Business Media and its affiliates are not responsible for and do not control what is posted herein. United Business Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.

Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of United Business Media LLC and may be edited and republished in print or electronic format as outlined in United Business Media's Terms of Service.

Important Note: This comment area is NOT intended for commercial messages or solicitations of business.