http://www.eweek.com/c/a/Security/Expedias-TripAdvisor-Member-Data-Stolen-in-Possible-SQL-Injection-Attack-522785/ By Fahmida Y. Rashid eWEEK.com 2011-03-24 TripAdvisor discovered a data breach in its systems that allowed attackers to grab a portion of the Web site’s membership list from its database. The data breach was discovered over the weekend of March 19, and an “unauthorized third party” had stolen the e-mail list, Steve Kaufer, co-founder and CEO of TripAdvisor, wrote in an e-mail to members on March 24. The vulnerability has been shut down and the company is working with law enforcement as well as conducting its own investigation, he said. TripAdvisor does not collect or store members’ credit card or financial information, and member passwords were not stolen, Kaufer said. He said most members won’t notice anything as the result of the breach, although some users may receive some spam as a result of the theft. The company notified the customers because “it's the right thing to do,” he said. “As a TripAdvisor member, I would want to know,” Kaufer said. [...] ___________________________________________________________ Tegatai Managed Colocation: Four Provider Blended Tier-1 Bandwidth, Fortinet Universal Threat Management, Natural Disaster Avoidance, Always-On Power Delivery Network, Cisco Switches, SAS 70 Type II Datacenter. Find peace of mind, Defend your Critical Infrastructure. http://www.tegataiphoenix.com/Received on Thu Mar 24 2011 - 23:22:19 PDT
This archive was generated by hypermail 2.2.0 : Thu Mar 24 2011 - 23:29:29 PDT