Travelocity Apologizes for Privacy Breach

Share this article: is issuing apologies to each of the 15,000 contest entrants whose personal information was inadvertently listed this week on a link on its site.

The names, mailing addresses, and, in some cases, phone numbers and e-mail addresses of 15,000 individuals who had entered sweepstakes on the site from May to November were displayed following the transfer of servers from one location to another.

One server that had been partially used for internal work was put into a Web-serving facility, and Travelocity "did not do everything we should have to make sure all files were removed," said Jim Mariscano, executive vice president of sales and service at Travelocity.

"Clearly, this is something we take very seriously and is very embarrassing. We're huge privacy advocates and talk about Internet security at every conference."

No credit card information or member profile information was exposed. Customer profile data are encrypted in a secure database, Travelocity said.

While the incident is not a case of hacking, Travelocity is investigating how information about the link, which could not be easily viewed, came to light. The link was a "number of layers down," Mariscano said, and most Net users would not recognize the information as a company database. "There was a certain set of circumstances that had to be present [for the information to be seen]," he added.

Travelocity executives talked with executives at a competing company that it thought might be involved.

"This company has the technological ability, but we were assured they were not involved," Mariscano said.

Travelocity has data on who accessed the database and how many times they viewed it. Someone who viewed it contacted a reporter anonymously but did not notify Travelocity.

"We would have preferred that they let us know, but at least they let somebody know," Mariscano said.

Within 15 minutes of the reporter notifying Travelocity, the file was deleted.

"No matter how good you think you are at what you do, if you do this enough times without constant vigilance, that's what happens," Mariscano said.

Travelocity has not received complaints from contest entrants over the breach, but Mariscano said most are probably not aware that this happened.
Share this article:

Sign up to our newsletters

Follow us on Twitter @dmnews

Latest Jobs:

More in News

News Byte: Comcast Expanding Global Ad Delivery Through Partnership

News Byte: Comcast Expanding Global Ad Delivery Through ...

Through a partnership with Adstream , Comcast's AdDelivery Service expands its footprint across the globe.

40 Under 40 2014: Nominations Are Now Open!

40 Under 40 2014: Nominations Are Now Open!

It's time to nominate the 2014 crop of young marketing luminaries for Direct Marketing News's 40 Under 40 Awards. The deadline is Friday, June 6, 2014.

News Byte: MediaCrossing Partners with ASL Marketing on Youth Marketing Tool

News Byte: MediaCrossing Partners with ASL Marketing on ...

The digital media trading firm and marketing database company aim to help marketers target 13 to 34 year olds.