TripAdvisor has suffered a data breach at its Viator tour-booking and review website.
An estimated 1.4 million Viator customers are potentially affected by the compromise, which the firm admits may have exposed payment card data.
The compromise also potentially aired 1.4 million email addresses, passwords and Viator “nickname” associated with accounts. Viator only became aware of the breach after investigators looking into incidents of credit card fraud made the link that victims were also users of its site.
The cause of the breach, much less who might be behind it, is currently undisclosed and quite possibly unknown at this stage of the ongoing investigation. How bad-guys decrypted “encrypted” credit or debit card numbers exposed by the breach is also unclear and the suspicion must be that this information was not as strongly protected as it ought to have been.