Best Western and lessons for us all

The actual scope of the Best Western data breach is open to speculation. The Sunday Herald scoop was that “stolen login details were..put up for sale and shared on an underground website operated by a notorious branch of the Russian mafia… Once the information was online, experts estimate that it would take less than an hour to write and run a software bot..capable of harvesting every record on Best Western’s European reservation system”. However, this has been refuted with the company claiming there was “some evidence” of unauthorized access to customer data by someone using a valid employee username and password. But the compromise was limited to just one property..adding that the total number of potentially affected customers was 115.

There are some messages for all of us to take home from this incident.

– The press and blogging community will be quick to latch onto speculation about data breaches. News will spread fast. Having a good incident response and communication plan is essential. The messages that do come out from your organisation will be analysed and pulled apart. For instance – how can they be sure only 115 records were compromised? It’s a very precise number.

– The reported fact that an account was compromised because of malware on a PC has not been refuted. It’s a good opportunity to remind company employees to be vigilant and for network teams to double-check that all servers, devices and desktops are patched and up to date. Use this incident as an example of what can go wrong.

– We obviously don’t know how the Trojan code got onto the compromised device. Perhaps the malware signatures weren’t up to date, it may have been unknown malware for an unknown vulnerability, or it may have been deliberately installed by a malicious company employee.

– Don’t down play the value of the data your own business holds. Given the opportunity, criminals will steal it and trade it.

Whether or not Best Western have been the subject of one of the most audacious cyber-crimes ever this incident serves as a timely reminder that hackers are still after our systems.

 

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

The Sunday Herald claims it has "absolute proof" of the basis of their story (I live in Scotland and spoke to their newsdesk this morning) and they are continuing to pursue this story further. Before that, on Monday when I phoned Best Western's Customer Services in Phoenix, AZ I was assured that NO unauthorised access had been detected. Since then other news services report that Best Western acknowledges just one hotel in Berlin was affected and "13" client details were compromised. Although BW asserts that guest details are purged from their records promptly after they leave, this doesn't include those (perhaps most of us) whose details are registered in BW's Gold Crown Club. Could the Trojan have wormed its way into that?
Cancel

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close