Menu
Viator breach highlights susceptibility of online payments: CipherCloud

Viator breach highlights susceptibility of online payments: CipherCloud

Cloud information protection company points to weak encryption as the reason for the intrusion.

The Viator data breach highlights the vulnerability of security for online payments, according to CipherCloud.

TripAdvisor, which owns the affected tour-booking and review website, disclosed the breach and how it potentially exposed the payment card data of 1.4 million customers.

Based on the released information, chief trust officer, Bob West, said the breach could have been prevented if Viator had used stronger encryption for user identities and credit card numbers.

“It’s also possible that strong encryption was used but the keys weren’t managed properly by Viator, which is as good as locking your car and leaving the keys in,” he said.

Better way of reporting

West said the Viator data breach comes at a time when security discussions centre on point-of-sale (PoS) malware in physical stores.

“Online payments are another major source for identity thieves to steal consumer information,” he said.

Free credit reporting is available for affected customers to deal with these types of incidents, though West characterises it nothing more than a “nice gesture.”

“Cyber criminals could just wait out the year and then apply for credit using the stolen personal information with names and addresses pieced together with other identifiers obtained elsewhere,” he said.

Read more: Security a core competency, differentiator for MSPs: Oracle

Patrick Budmar covers consumer and enterprise technology breaking news for IDG Communications. Follow Patrick on Twitter at @patrick_budmar.


Follow Us

Join the newsletter!

Or
Error: Please check your email address.

Tags securitydata breachintrusionCipherCloudtripadvisorViator Tours & Activities

Featured

Slideshows

Data breach notification laws in NZ: How can partners prepare?

Data breach notification laws in NZ: How can partners prepare?

This exclusive Reseller News Roundtable outlined the responsibilities facing security partners today, assessing risk while evaluating the role of the vendor in providing added layers of protection.

Data breach notification laws in NZ: How can partners prepare?
Meet the leading StorageCraft partners across A/NZ

Meet the leading StorageCraft partners across A/NZ

StorageCraft honoured its top performing partners across Australia and New Zealand (A/NZ), recognising channel excellence following a strong year of growth.

Meet the leading StorageCraft partners across A/NZ
Show Comments