no entry
1128 days ago

TripAdvisor issues warning after part of email database is stolen

User review giant TripAdvisor has been forced to notify members of a major security breach after a “portion” of its 20 million-strong email list was stolen.

no entry

The company has posted a message outlining some details of the incident, which supposedly took place “recently” and involves an undisclosed number of member email detail taken from the system.

Officials are keen to stress that the company does not collect credit card details or any other financial information, but it is warning members that they may receive some “unsolicited emails” as a result of incident.

In an additional statement, the official says:

“We sincerely apologise to our affected members for this inconvenience and are implementing additional security precautions to help prevent another incident in the future.

Such is the seriousness of the breach, agencies from outside the company are now said to be looking into the theft, although it is unclear whether the investigation is taking place at one of its international offices or the headquarters in Massachusetts, US.

“While we’re still investigating the details, we’ve identified the vulnerability, shut it down and are vigorously pursuing the matter with law enforcement.”

The bulletin to members goes on to explain how they might be able to identify any unsolicited emails in the future and how to deal with them.

How such a major incident could have taken place may well emerge in the coming weeks, but while TripAdvisor’s transparency with coming forward immediately to notify members should be applauded, such openness elsewhere may also shed some light on some of the wider IT practices within the company.

Seven months ago, technical manager Sanjay Vakil wrote in the Y Combinator forums that TripAdvisor developers have “root access on EVERY box”, meaning that technical staff could essentially see all files, delete them and add them from a server.

Vakil’s comments were lambasted by other developers and technicians in the forum:

“Ugh. I understand the principle of empowering developers, but some basic security would be nice…” wrote one member at the time.

Another added: ”Yeah, I wonder who cleans up after this. The guy who has root ‘just because we give it to all developers’ and makes a mess and seriously breaks the production site is most likely not the person you want cleaning it up when time is of the essence.”

There is no indication at all at this stage whether the theft was carried out by individuals within the company or from the outside.

Kevin May

About the Writer :: Kevin May

Kevin May is editor and a co-founder of Tnooz. He was previously editor of UK-based magazine Travolution for nearly four years and web editor of Media Week UK from 2003 to 2005.

He has also worked in regional newspapers (Essex Enquirer) and started his career in journalism at the Police Gazette at New Scotland Yard in London. He has a degree in criminology and a postgraduate diploma in magazine journalism.



Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

  1. Brian Leonard

    Already seeing spam come through on my registered biz account..first piece of spam I have seen in over 3 years….so sad.

  2. Best of Tnooz This Week - Stealing TripAdvisor, Killing intermedaries, Failing Facebook | Tnooz

    [...] TripAdvisor issues warning after part of email databse is stolen [...]

  3. Ludean Young

    Ministry of Detourism?


    How long before this surfaces on The Pirate Bay? Not good news!



  • (separate multiple emails with commas)
  • (optional)
  • (optional)
  • This field is for validation purposes and should be left unchanged.

Newsletter Subscription

Please subscribe now to Tnooz’s FREE daily newsletter.

This lively package of news and information from Tnooz’s web site provides a convenient digest of what’s happening in technology that drives the global travel, tourism and hospitality market.

  • Cancel