Best Western Hotel chain hacked


Best Western Hotel chain hacked

Rebecca Thomson

The Best Western Hotel chain has launched an investigation after hackers stole the personal data of guests.

Details of up to 8 million people were exposed after security information was sold by a network operated by the Russian mafia, according to media reports, but the hotel chain said the incident had been "blown out of proportion".

The chain, which has 4,000 hotels in 80 countries, said just ten people had been affected by a security breach on August 21.

The hotel said three separate attempts were made via a single log-on ID to access the data from a hotel in Berlin. The company said in a statement that a Trojan horse virus was detected by the hotel's anti-virus software.

The compromised log-in ID permitted access to reservations data for that hotel only, and that the computer in question has since been removed.

"We are working with the FBI and international authorities to investigate further. The compromised user ID permitted access only to the reservations at a single hotel, and there is no evidence of unauthorised access to data for any other Best Western hotel," said a spokesperson.

The chain is continuing to monitor for further, similar activity in other hotels.

The hacker is believed to have bypassed the security software and placed a Trojan virus on one of the company's machines that was used for reservations.

The username and password of the next staff member to log in was then collected. The stolen data includes addresses, telephone numbers, credit card details, and places of employment.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy