[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] Expedia's TripAdvisor Member Data Stolen in Possible SQL
From: InfoSec News <alerts () infosecnews ! org>
Date: 2011-03-25 6:22:19
Message-ID: Pine.LNX.4.61.1103250021500.24244 () conundrum ! infosecnews ! org
[Download RAW message or body]
http://www.eweek.com/c/a/Security/Expedias-TripAdvisor-Member-Data-Stolen-in-Possible-SQL-Injection-Attack-522785/
By Fahmida Y. Rashid
eWEEK.com
2011-03-24
TripAdvisor discovered a data breach in its systems that allowed
attackers to grab a portion of the Web site's membership list from its
database.
The data breach was discovered over the weekend of March 19, and an
"unauthorized third party" had stolen the e-mail list, Steve Kaufer,
co-founder and CEO of TripAdvisor, wrote in an e-mail to members on
March 24. The vulnerability has been shut down and the company is
working with law enforcement as well as conducting its own
investigation, he said.
TripAdvisor does not collect or store members' credit card or financial
information, and member passwords were not stolen, Kaufer said. He said
most members won't notice anything as the result of the breach, although
some users may receive some spam as a result of the theft. The company
notified the customers because "it's the right thing to do," he said.
"As a TripAdvisor member, I would want to know," Kaufer said.
[...]
___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic