This article is from the source 'bbc' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at http://www.bbc.co.uk/go/rss/int/news/-/news/technology-13900831
The article has changed 5 times. There is an RSS feed of changes available.
| Version 3 | Version 4 |
|---|---|
| Travelodge customer data stolen | Travelodge customer data stolen |
| (about 2 hours later) | |
| Travelodge is investigating an apparent hacking attack on its customer database. | |
| A spokesperson for the hotel chain said that a "third party" had managed to obtain names and e-mail addresses. | |
| The company warned users of its online service to be on the lookout for spam e-mails. | |
| The incident has been reported to the UK's information commissioner who can fine businesses for poor data protection. | |
| A letter to customers, signed by the Travelodge's chief executive Guy Parsons, contained little information about the nature of the leak, although it stressed that the company had not sold users' personal data to anyone else. | |
| It also included details of a spam e-mail that some customers had received. | |
| "Good day. Don't miss exciting career opening. The company is seeking for self-motivated people in United Kingdom to help us spread out our activity in the UK area," said the message. | "Good day. Don't miss exciting career opening. The company is seeking for self-motivated people in United Kingdom to help us spread out our activity in the UK area," said the message. |
| A spokesperson for the information commissioner Christopher Graham, said that he was looking into the Travelodge reports. | |
| "We will be making enquiries into the circumstances of the alleged breach of the Data Protection Act before deciding what action, if any, needs to be taken," said the statement. | |
| The ICO has the power to levy fines of up to £500,000 on companies or organisations which are shown to have failed to protect personal information entrusted to them. | |
| Phishing trip | Phishing trip |
| Stealing names and e-mail addresses is a favoured tactic of cyber criminals, who use the information to send "phishing" messages to the affected customers. | Stealing names and e-mail addresses is a favoured tactic of cyber criminals, who use the information to send "phishing" messages to the affected customers. |
| In many cases, they pose as the company that the data was stolen from in the first place. | In many cases, they pose as the company that the data was stolen from in the first place. |
| Typically, recipients are asked to click on a link that will infect their computer with malicious software. Alternatively, the criminals may solicit financial information directly. | Typically, recipients are asked to click on a link that will infect their computer with malicious software. Alternatively, the criminals may solicit financial information directly. |
| Security experts advise users to pay close attention to the address where an e-mail is sent from and the web URL of any links it contains. | Security experts advise users to pay close attention to the address where an e-mail is sent from and the web URL of any links it contains. |
| Even when these look genuine, people should avoid handing over secure information in response to unsolicited messages. | Even when these look genuine, people should avoid handing over secure information in response to unsolicited messages. |