Quantcast
PCWorld.com is upgrading some back-end systems. Some site features, such as user registration, may be temporarily unavailable.
Subscribe to magazine

Hotels.com Customer Data Stolen

Theft of more than 200,000 credit card numbers reported.

Robert McMillan, IDG News Service

  • 0 Yes
  • 0 No

Hotels.com is warning nearly a quarter of a million customers that they may have had their credit card numbers stolen, following the theft of an unencrypted laptop belonging to the travel Web site's auditor, Ernst & Young Global.

The laptop was stolen in late February after an Ernst & Young employee left it inside a locked vehicle, according to Hotels.com Senior Compliance Officer Cathy Bump. Ernst & Young notified Hotels.com of the theft on May 3, and after determining which customers were affected by the data breach, the two companies began sending out letters last week notifying approximately 243,000 customers of the theft.

The laptop contained names, addresses, and credit or debit card information, mostly related to Hotels.com transactions that occurred in 2004, although some customers who made purchases in 2003 and 2002 were also affected.

The computer was stolen somewhere in Texas, though Bump would not name the city where the theft occurred. Hotels.com, which is owned by Expedia, is based in Dallas.

Recent Thefts, Relief

The combination of tough data breach notification laws and stolen laptops is keeping compliance officers such as Bump very busy these days. In May, the U.S. Department of Veterans Affairs reported that a stolen laptop and external hard drive were to blame in the loss of sensitive information on 26.5 million U.S. veterans. And Fidelity Investments lost confidential information on nearly 200,000 Hewlett-Packard employees earlier this year under similar circumstances.

There is no indication that the thief was trying to steal sensitive information, and there have been no indications to date that the information that was stolen has been misused, said Ernst & Young spokesperson Ken Kerrigan.

Since the theft, however, Ernst & Young has encrypted data on all laptops within its U.S. and Canadian operations, Kerrigan said.

Ernst & Young is offering one year's free credit monitoring to all Hotels.com customers affected by the breach.

PC World editors offer a variety of suggestions for protecting your notebook computer while traveling and at home and securing your data from theft.

  • Recommend this story?
  • 0 Yes
    0 No

"Hotels.com Customer Data Stolen" Comments

  • Great year-end deals
    for small business!

  • Get 24/7 live remote AT&T Tech Support 360* service along with select Lenovo* PCs (with Intel® Core™ 2 Duo processors) and save up to 200!

    Learn more

  • HP EliteBook* 6930p Notebook with Intel® vPro™ technology and a free HP Basic Docking Station - $641 instant savings!

    Learn more

  • *Other names and brands may be claimed as the property of others. ©2009 Intel Corporation. Intel, the Intel logo, vPro and Core trademarks of Intel Corporation in the United States and other countries. All rights reserved.

Dell End of Year Deals

People who read this also read:

  • 15 Minutes to a Secure Business Get the Secure in 15 toolkit starting with the "15 Minutes Month-at-a-Glance" calendar. McAfee will send you additional tools and tricks to stay protected around the clock.
  • A Buyer's Guide to Data Protection Implementing data protection products and processes can be daunting. Make the right decisions by exploring what is available and what makes sense for your organization. Use this simple guide to evaluate different vendor offerings.

Sponsored Links