Shostack + Friends Blog Archive

 

Grand Hotel, Brighton, UK/Hotel guests' *signatures*, credit card info, names, addresses/found by passer-by in trash

I read about these records being disposed of improperly yesterday but decided it wasn’t worth a blog entry. Since international hotel data breaches seem the up-and-coming thing, I have reconsidered. That and SecurityFocus stealing our move by getting the Bahamas breach into print so quickly :^).
The BBC provides some additional detail:

The discovery of hotel registration cards in a skip, containing guests’ signatures, credit card and contact details, has prompted an inquiry.
Fraud experts said criminals could have used the cards, from the Grand Hotel, Brighton, in identity theft.
Owner, the De Vere Group, apologised and has destroyed the documents, which were found by a passer-by.
The Information Commissioner’s Office (ICO) is to contact the hotel about the breach of customer privacy.
The hotel regularly hosts high-profile corporate conferences. Some of the cards had been completed by MPs.

Additional reporting claims that the breach exposed the information on guests registered between 1998 and 2000, a number in the thousands.
[I am inferring from context that a “skip” is what an American would call a dumpster]

One comment on "Grand Hotel, Brighton, UK/Hotel guests' *signatures*, credit card info, names, addresses/found by passer-by in trash"

Comments are closed.