Google employees’ private and card data feared leaked after travel agency got hacked
Some of Google employees’ private and financial data may have been exposed after a travel agency that handles all of the tech giant’s travel bookings got hacked. Google notified its employees and the state of California about the breach, adding that hackers stole names, contact details and card data used to make hotel bookings for the company’s staff.
The stolen data was not accessed directly from Google, nor does it appear to be a targeted attack on the company. The data was stolen earlier this year when the Sabre Hospitality Solutions SynXis reservation system was compromised. Carlson Wagonlit Travel (CWT) is one of the companies that used SynXis. The firm handles all of Google’s bookings for business trips.
“Sabre notified CWT, which uses the SynXis CRS, that an unauthorised party gained access to personal information associated with certain hotel reservations made through CWT,” Google told its staff in a letter. “CWT subsequently notified Google about the issue on June 16, 2017, and we have been working with CWT and Sabre to confirm which Google travelers were affected.”
“Sabre’s investigation discovered no evidence that information such as Social Security, passport, and driver’s licence numbers were accessed. However, because the SynXis CRS deletes reservation details 60 days after the hotel stay, we are not able to confirm the specific information associated with every affected reservation,” Google added in its letter to its workers.
As a result of the breach, Google is now offering its employees two years worth of free “identity protection and credit monitoring services”. The company also urged its staff to stay vigilant against potential fraud and identity thefts.