EXCLUSIVE: Best Western Pwned, new facts emerging

I can confirm that the screenshots that Iain showed to me of the reservation database administration interface, apparently for all European bookings, show a search facility displaying a date range of 14th August 2007 through to 21st August 2008.

Although the screenshot does only show a handful of transactions covering a period of the 18th to 21st August 2008, it does prompt important question number two:

If all the data is purged immediately after a guest departs the hotel, why does the transaction log have a search facility which goes back a full year?

One thing about which there can be no doubt at all is that Best Western has suffered a serious breach of its security. I have seen screenshots showing not only guest names and addresses, but also frequent guest account information and full credit card data.

Interestingly, Iain recounts how he asked his hacker contact what security was being used by Best Western, to which he replied that if you knew that, it would make this type of hack a lot easier.

Iain, being an investigative journalist, did what he does best and investigated. In fact he called Best Western head office and asked to speak to the IT department. Amazingly, he tells me he was put through.

Even more amazingly, having explained to them that he was a Best Western customer worried about being hacked, he asked what Internet security solution the hotel used. They told him.

I will refrain from repeating it here, but the very fact that it was this easy to get such sensitive information as this suggests to me that there are serious security best practice problems within the Best Western organisation.

A Best Western spokesman has stated that "Best Western would like to assure our customers, member hotels and business partners that we have no evidence to suggest that there is need for widespread concern."

The very fact that a breach has occurred, even if it does turn out to have involved 'only' 13 people, and the ease with which a reporter could get information about its security systems, suggest otherwise.