itemprop=”caption”> hackers have stolen credit card data from a travel service provider. Affected include customer Expedia and Opodo. © stern.de / Philipp Möller
D he attack was fast and made for fat loot: unknown persons on 11 April, the server cracked one of the largest companies in travel bookings and stole a yet unknown number of customer credit card data. The company confirmed the TravelTainment which operates a centralized booking system for various travel portals and care sector, such as “weg.de” Tui, Opodo or Expedia. “Find some 11,000 tourist travel agencies in Germany and book the travel of their customers [...] on our server,” it says on the website of the company.
cybercrime center switched
The travel providers currently affected inform their customers about the data theft. How Expedia writes in an e-mail that stern.de is true: “Unfortunately, we must now inform you that by this hacker attack may also information from you, which you have given us during the booking with the travel agent have been stolen. ” Were stolen, among other things, the number and type of credit card verification number (CVV), expiry date and the name, address, telephone number and e-mail of the owner.
“We reacted immediately and take all necessary measures to determine the entry point for unauthorized access,” it said in a press release TravelTainment. You’ve checked all systems by external service providers, and switched on the cybercrime center of the Office of Criminal Investigation of North Rhine-Westphalia. In addition, the relevant credit card companies have been informed.
How many companies and customers are affected by the data leakage, do not tell TravelTainment in order not to jeopardize the investigation. But if it were “partial credit card information to a relatively small number of customers,” it said in a statement.
thousands of customers affected?
other sounds in a speaker Opodo: About a third of the total of 11,000 companies could be affected, he said stern.de . Also the travel provider allroute has told the “Süddeutsche Zeitung” confirms that own customer data were stolen. The number of people affected, he estimates at “less than 100″, they have already been contacted via e-mail. In addition, the travel suppliers have set up a hotline.
Although the attack on 11 April was also a trip users could be affected, the days before the cyber attack have booked: Depending on the company customer data between two and 48 hours are stored, the Opodo spokesman. Thus, even credit card data had been stolen from customers who between 9 and 11 April had booked a trip and given as payment option to their credit card information. Even customers who have booked their holiday or their ride at a local travel agency could be affected by the attack.
Who has booked a trip during that period, should check his credit card statements carefully and immediately inform his bank with abnormalities. Another risk: Because the cyber intruders have captured not only credit card data, but also a variety of personal information, threaten sophisticated phishing attacks. So criminals could use the stolen data second, by e-mail is sent with links or contaminated with viruses and Trojans in the Appendix.
Should you be traveling abroad, you can block their card through the international emergency number 116116th Are you a victim of card fraud, created for the blocking and the purchase of a new card no cost.