Bob Sullivan reports:
Some Expedia.com customers are getting emails from the firm warning that a would-be criminal has obtained “unauthorized access … (to) your name, phone number, email address and travel booking.”
The details are being used in an attempt to trick customers into sharing even more personal information, the firm says.
Sarah Gavin, head of communications at Expedia, says the data was not stolen from Expedia, but rather a third party. The data was stolen by a criminal who successfully phished a partner hotel and obtained that hotel’s login credentials, and subsequently stole names and other information about consumers who had used the Expedia system recently to book a stay at that hotel.
Read more on BobSullivan.net.