TripAdvisor has released a statement explaining that an unauthorised third party has breached its membership database and stolen the email addresses of some of its customers. Hackers exploited a vulnerability to gain access to the database.
Ross Brewer, vice president and managing director for international markets, LogRhythm, has made the following comments:
"This is the second time a well known website has been breached this week – just a few days ago it was Play.com with egg on its face, now it’s TripAdvisor. It’s the regularity of these types of incident that suggest traditional approaches to IT security are no longer fit for purpose.
“In addition to the traditional perimeter defences organisations typically deploy, organisations also need to adopt tools that enable them to monitor their extended IT infrastructures on a continual basis. Integrated log management and security information event management (SIEM) solutions allow companies to spot any suspicious activity as soon as it happens, acting as a vital safety net when perimeter solutions fail.
“Worryingly for TripAdvisor, consumers take a very dim view of companies that are lax with their data. A survey conducted by OnePoll in November 2010 found that around two thirds of UK consumers would try to avoid interacting with firms which are known to have lost confidential information.”