The personal data and credit card details of 243,000 hotel guests are thought to be at risk after a laptop containing the records was stolen.
The data – on customers with Hotels.com, a subsidiary of travel firm Expedia – was held on a laptop belonging to an employee of Ernst & Young, the company’s auditor. It was stolen from a locked car, understood to have been in Texas, US, in February.
The loss is the latest identity theft scare to hit the US, following the announcement by banking firm Wells Fargo that a computer containing confidential data on mortgage customers had gone missing, and the admission last month by the US Department for Veterans’ Affairs that information on 26.5 million former soldiers had been stolen.
The Hotels.com records covered customer transactions from 2004, with some earlier data, and included names, addresses and credit card details.
Ernst & Young notified the Hotels.com of the security breach at the beginning of May.
The hotel firm said communications with the police had not suggested any use of credit card details for fraud, and it is thought that the laptop was not the thieves’ main target. But the company has written to customers urging them to take anti-fraud measures.