TripAdvisor breach sparks warning

Businesses have been warned about the collateral damage an email database breach can cause, after TripAdvisor was forced to admit hackers have stolen email addresses from its website.
The Expedia-owned company – which claims to be the world’s biggest travel website, with 50 million unique monthly visitors – has warned customers to expect a raft of spam emails as a result of the attack.
A statement on its website said: “We discovered that an unauthorized third party has recently stolen part of TripAdvisor’s member email list. While we’re still investigating the details, we’ve identified the vulnerability, shut it down and are vigorously pursuing the matter with law enforcement.
“We’re taking this incident very seriously. We are also implementing additional security precautions to help prevent another incident in the future.” The website confirms no password or financial information was taken.
Play.com was hit by a similar breach, and was forced to apologise after a raft of customers received spam emails which contained a virus.
Paul Ducklin, head of technology at Sophos, believes the issue should set alarm bells ringing, even though “this is an embarrassing breach, rather than a dangerous one”.
He said: “If you use email for direct marketing purposes, do not let yourself get caught out like Play.com or TripAdvisor. Whether you lose email lists from your own servers or through a third-party marketing company is irrelevant – it is your brand which suffers. Even if you only lose email addresses, it is a poor advertisement for your business.”

Related stories:
Silverpop fingered by Play.com
Play.com rocked by data breach