Oh dear, it seems UK budget hotel chain Travelodge has had its customer database hacked. Customers have started receiving "work from home" scam spam as a result.
- On the one hand, the company is soothingly reassuring that no financial details have been stolen.
- On The Other Hand, it's not saying what data have been lost in the breach -- obvious spam is one thing, but could there be enough details to launch a targeted phishing campaign?
Plus, today's skateboarding duck: Hilarious Doctor Who haiku comics...
Carrie-Ann Skinner reports:
Travelodge said some ... users registered to receive email may have received spam ... about working from home. ... Travelodge said it had not "sold any customer data ... no financial information has been compromised".
Full details of the security breach have yet to be released. ... It is in the process of conducting a comprehensive investigation ... and advised any ... users that received the spam ... to simply delete it.
Tom Espiner adds:
The company has narrowed down the number of customers ... affected ... [said] a Travelodge spokeswoman. ... The company was alerted to the breach by customer complaints [she] said. ... Travelodge informed the Information Commissioner's Office ... of the breach.
Travelodge sent out a letter ... on Thursday warning [customers] of spam.
John Oates is blissfully happy, or something:
The company has not lost their credit card details, which is nice. ... [But] the chain of motels has indeed had its customer database compromised.
Richard "Shepy" Shepherd was one of the unlucky "few":
The subject is my full name ... not what you would expect to see in spam ... and see that the email address to which it was sent ... I have only ever provided to Travelodge.
The update states no financial information has been compromised ... this still doesn’t sit well with me. ... Why did it take people complaining on Twitter etc to highlight the situation? ... They are, through omission ... saying that some data has been compromised. ... How are they so sure that financial information has not been taken?
Having name, address and other ... details is just as worrying. ... Have passwords been compromised? ... Some people may have used the same password on Travelodge as they have on other sites.
But Stringer Bell responds with a shrug and a sarcastic, NSFW comment:
**** a brick. ... People will get spam. ... Who ****ing cares ... considering how often my inbox receives ***** spam.
Meanwhile, Steve Diamond sees the funny side:
Today's Skateboarding Duck...
Don't miss out on OTOH:
- Follow @richi on Twitter
- Pretend to be richij's friend on Facebook
- Catch up with posts from the previous few days
Richi Jennings is an independent analyst/consultant, specializing in blogging, email, and security. His writing has previously won American Society of Business Publication Editors and Jesse H. Neal awards. A cross-functional IT geek since 1985, you can also read Richi's full profile and disclosure of his industry affiliations.