Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

Budget hotel chain, UK political party, Monzo Bank, Patreon caught in Typeform database hack

All insist financial data is safe – but not names nor emails

More entities affected by the computer security breach at web form and survey company Typeform have come forward, including budget hotel chain Travelodge and UK political party the Liberal Democrats.

The survey-as-a-service biz discovered on 27 June that an intruder had accessed files from a "partial backup" dated 3 May containing what it termed as "partial information".

The third-party supplier has contacted its customers, which include the Electoral Commission for the State of Tasmania and Fortnum & Mason among many others, to detail the specific impact on them.

An email sent to Travelodge customers – seen by The Register – stated it has been "working very closely with Typeform to establish the facts", and claimed customers' accounts, bookings, passwords and payment details were not affected by the breach.

"However, Typeform believe that your first name, date of birth, mobile number, email address have been acquired by an unauthorised third party," the letter from Travelodge stated.

"While we have not been made aware of any fraudulent use to date, it is possible that you could receive unwanted contact and your details may be used to find out more about you," it added. "You should therefore remain vigilant for any unusual activity."

The hotel chain confirmed it has contacted the Information Commissioner's Office, as have the Lib Dems, which also wrote to its supporters confirming its Member Experience Survey had been exposed.

"This survey contained your name and email address, so please watch out for potential phishing scams or spam emails. This survey also contained information about your political opinions, such as the campaigns and policy areas most important to you," the note stated.

A spokeswoman at Travelodge sent us a statement: "We sincerely regret any inconvenience this incident may cause."

No financial or other sorts of data were compromised, the hotel chain assured cusotmers. The Lib Dems said that Typeform had "responded immediately and fixed the source of the breach," but added:

We are in communication with Typerform and will be re-evaluating our relationship with them in light of this incident. We take the security of our data seriously and if we are not satisfied that sufficient steps have been taken to secure your data, we will terminate our relationship with Typeform.

Startup bank Monzo, which was caught up in the Ticketmaster hack, has also warned its customers. Again, it has assured customers that all is well.

"Our initial investigations suggest that some personal data of about 20,000 people is likely to have been included in the breach," the bank wrote. "For the vast majority of people, this was just their email address. For a much smaller proportion of others, this may have included other data like their Twitter username or postcode."

Monzo has also stated that "no one’s bank details have been affected, and your money and account are safe."

We've also learned that subscription content platform Patreon used Typeform and has warned users their names and email addresses may have been compromised. ®

 

Similar topics

Similar topics

Similar topics

TIP US OFF

Send us news


Other stories you might like