Travelodge is a hotel chain from the United Kingdom, and like any respectable business, it has a website. There is a bad part about this, however: their web page had a glitch that led to a
data leak. One could get a hold of sensitive data belonging to others, as records have been exposed due to a flaw.
The single good part about this is that phishing wasn't involved. Nobody's ID had been stolen and there have been no issues with this, since the glitch had been disclosed by a customer and not a malicious user. As Computing informs, the guy just clicked a link in a booking confirmation email and changed the booking number. The follow-up was the fact that he got access to other customer's orders. This showed their name, postal address and the last four digits of the credit card number, as the same source has it. And to think that this user wasn't even after this - he was just minding his own business, and stumbled across this by accident.
In my opinion, they were lucky that a hacker didn't find this first. Exploiting the glitch with the proper tools would have led to some serious data theft. However, Travelodge representatives have stated that even though this has been disclosed by a customer, it was nothing new to them - they just installed some program and left this flaw for one day. They've said it was nothing to worry about, but in any case, with hackers probing the web all the time, I still think they were somewhat lucky.
However, this was a case with a happy ending, but many people that conduct business over the web have little regard for cyber-security. Not once I've seen cases of sites that operate correctly with data and basically work around things pretty well, but even though the operations are done in the right way, many designers leave some flaws that could be exploited.
Find us on Google+
No user comments yet.
Be the first to express your opinion!
