Online group buying has taken off in a big way in the Australian market, with the market now worth nearly nearly half a billion dollars and significant growth predicted over the next 12 months and beyond.read more
I can confirm that the screenshots that Iain showed to me
of the reservation database administration interface, apparently for
all European bookings, has a search facility which is showing a date
range of 14th August 2007 through to 21st August 2008.
Although the screenshot does only show a handful
of transactions covering a period of the 18th to 21st August 2008, it
does prompt important question number two:
If all the data is purged immediately after a guest departs the hotel,
why does the transaction log have a search facility which goes back a
full year?
One thing where there can no doubting at all, is that Best Western has
suffered a serious breach of its security. I have seen screenshots
showing not only guest names and addresses, but also frequent guest
account information and full credit card data.
Interestingly, Iain recounts how he asked his hacker contact what
security was being used by Best Western, to which he replied that if
you knew that it would make this type of hack a lot easier.
Iain, being an investigative journalist, did what he does best and
investigated. In fact he called Best Western head office and asked to
speak to the IT department. Amazingly, he tells me he was put through.
Even more amazingly, having explained to them he was a Best Western
customer worried about being hacked he asked what Internet security
solution the hotel used. They told him.
I will refrain from repeating it here, but the very fact that it was
this easy to get such sensitive information as a this suggests to me
that there are serious security best practise problems within the Best
Western organisation.
A Best Western spokesman has stated that "Best Western would like to
assure our customers, member hotels and business partners that we have
no evidence to suggest that there is need for widespread concern."
The very fact that a breach has occurred, even if it does turn out to
have involved 'only' 13 people and the ease with which a reporter could
get information about its security systems, suggests otherwise.
David Bass
| Diversified industrial manufacturer Eaton Corporation has today launched a new set of enclosure power distribution units, ePDUs, that prov…
How to Make Business Discovery Work for Your Business
Business Discovery takes its cues from consumer apps. Like Google, it encourages us- ers to hunt for and explore data without worrying about or even noticing the underly- ing technology. Their entire experience is working within an intuitive interface to get real-time, self-service results with only minimal training. ...more
Try an easy-to-use set of web-enabled
tools for business-class productivity services. Office 365 provides
anywhere-access to email, important documents, contacts, and calendars
on almost any device.
LATEST HEADLINES FROM YOUR IT
