Best Western forced to play defense on data breach disclosure

Could hotel chain have done a better job of defusing story about system intrusion?

The headline in this week's Glasgow Sunday Herald -- "Revealed: 8 million victims in the world's biggest cyber heist" -- was a grabber.

And it certainly got the attention of the Best Western hotel chain, which found itself scrambling to do damage control after the Scottish newspaper reported that hackers had broken into its online reservation system and stolen 8 million customer records. According to the Sunday Herald, the theft netted data on everybody who had stayed at Best Western's 1,312 European hotels this year and in 2007.

After the story appeared on August 24, US-based Best Western International acknowledged that the Herald had alerted it to a "possible compromise" of data. But the company refuted the Sunday Herald's claims about the scope of the system intrusion, saying that the story was "grossly unsubstantiated." Best Western said the breach had affected just 13 customers at a single hotel in Berlin -- a number that it later reduced to 10.

Nonetheless, the company couldn't stanch the online flood of stories and blog posts about the data breach that followed the publication of the Sunday Herald's story, which said that a hacker from India had obtained log-in credentials for Best Western's online booking system via a keystroke-logging program and then sold information on how to access the data in the system "through an underground network operated by the Russian mafia."

Best Western's experience highlights the public relations problems that can result from breach disclosures, as well as the need for companies to have comprehensive incident-response plans in place for dealing with such disclosures.

In this case, Best Western could have beaten the Sunday Herald to the punch by breaking the news about the breach itself. The intrusion took place on August 21; according to the newspaper, it brought the breach to the company's attention the following day, two days before the story was published.

In comments sent via e-mail this week, a Best Western spokeswoman indicated that the company was blindsided by the Sunday Herald's claims about the scope of the breach. The reporter who wrote the story didn't mention the possibility that 8 million records had been stolen when he talked to Best Western officials, the spokeswoman said. She said that he simply asked for the number of Best Western hotels and rooms in Europe, and that he appears to have used those numbers to extrapolate the 8 million figure.

And the only evidence of a breach that the reporter presented was a screenshot of a single log-in suggesting a possible compromise, the spokeswoman added. "Basically, the Herald elicited a statement from us on one issue and used the statement to report on another," she said.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags data breach

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jaikumar Vijayan

Show Comments


James Cook University - Master of Data Science Online Course

Learn more >


Sansai 6-Outlet Power Board + 4-Port USB Charging Station

Learn more >



Back To Business Guide

Click for more ›

Brand Post

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?