Monday, September 22, 2014

BREACH: TripAdvisor’s Viator Notifies 1.4 Million Customers about Site and Mobile Data Breach

Viator, the tours and activities provider acquired by TripAdvisor this summer, is notifying 1.4 million customers that a data breach affecting its websites and mobile offerings may have compromised their credit and debit card numbers, email addresses, and other personal information.

Viator posted notices online September 19 about the breach, although the company learned of a problem 17 days’ earlier when its payment card service provider informed Viator about unauthorized charges on “a number” of customers’ credit cards.

Of the ongoing investigation into what happened, Viator states:
“We have hired forensic experts, notified law enforcement and we have been working diligently and comprehensively to investigate the incident, identify how our systems may have been impacted, and secure our systems.”

Viator states that its forensic team is still confirming what happened, but it believes the following customer data may have been compromised: customer name; physical address; encrypted debit/credit card number; card’s expiration date; Viator account information, including email address, encrypted password and Viator nickname.”

Viator does not collect debit card PINs so these were not compromised, Viator states.

No comments:

Post a Comment