VietNamNet Bridge –  Vietnamese who used TripAdvisor’s Viator tour-booking site are concerned about the news that hackers stole information from 1.4 million payment cards of customers.



{keywords}




Tran Quang Chien from SecurityDaily said that illegal transactions had been made with some of the stolen cards.

The experts Viator hired to estimate the damage caused by the attack said that hackers broke into the internal database of the website and accessed the payment card database which includes information about credit card codes, the numbers of debit cards, expired dates, names, addresses and email accounts of 880,000 customers.

The hackers reportedly received 560 types of information from Viator’s accounts, including emails and password codes. However, the PIN codes of debit cards did not fall into the hackers’ hands, because Viator did not store the codes.

The CVV numbers (card verification value) printed on the back side of the credit cards were also safe from hackers.

Though there are no official statistics about the number of Viator and TripAdvisor service users, Chien believes the number is high.

“You’d better change your password immediately if you have an account on the system,” Chien said.

He also suggested that users change their passwords if they use the same passwords for other websites, especially social media networks and Gmail.

“It would be better to activate the 2-step verification function for your important accounts,” he added.

Ngo Tuan Anh, deputy president of BKAV, the country’s leading security firm, also noted that numerous Vietnamese seek tour information and book tickets on Viator’s system.

He also advised users to change passwords immediately and keep a close watch over the changes with their accounts. They should report any suspicious change to commercial banks and ask them to block the accounts.

Anh commented that the attack on Viator has once again shown the increasing vulnerability of websites run by online service providers.

He noted that hackers are now carrying out more and more attacks on subjects which can bring economic benefit to them by creating ransomware. More attacks have also occurred on payments and financial institutions where hackers can profit from leaked information.

This month, a similar case occurred with Home Depot, affecting 56 million customers.

Prior to that, hundreds of eBay customers were victims of an attack.

In related news, the Vietnam Computing Emergency Response Team (VNCERT) has discovered a CVE-2014-6271 hole on many Linux servers providing online services in Vietnam.

Buu Dien