Travel site TripAdvisor sent out an email to its registered users today, announcing that the site had been hacked, and some member emails had been “stolen” by an “unauthorized third party.” The company says no email passwords were taken by the hackers.
“We’ve confirmed the source of the vulnerability and shut it down,” says TripAdvisor co-founder and CEO Steve Kaufer. “We’re taking this incident very seriously and are actively pursuing the matter with law enforcement.”
According to Kaufer, only a “portion” of its members’ email had been compromised, and indicated that most members will not be affected by the breech. Those who are affected, however, “may receive some unsolicited emails (spam) as a result of this incident,” Kaufer wrote.
Kaufer did not indicate exactly how many members’ emails were stole, or when they discovered the breach in their security systems. (A company spokesperson tells ZDNet that the company’s investigation into the matter is ongoing.) But he does say that “data theft is becoming more common across many industries,” adding that TripAdvisor takes this “extremely seriously.”
Fortunately for members of TripAdvisor, which is best known for its reviews of travel destinations, airlines, hotels, restaurants and other tourist venues, the site does not collect credit card information. Kaufer was also quick to point out that the company also does not “sell or rent our member list.”
Trip Advisor is one of 18 travel sites owned and operated by TripAdvisor Media Group, which includes AirfareWatchdog.com, BookingBuddy.com and VirtualTourist.com. Together, the TripAdvisor network has roughly 20 million members in 27 countires.
“We will continue to take all appropriate measures to keep your personal information secure at TripAdvisor,” Kaufer says. “I sincerely apologize for this incident and appreciate your membership in our travel community.”
Read the full email below: