Teletext Holidays Exposed Customer Calls

Teletext Holidays websiteImage copyright Screengrab
Image caption Teletext Holidays has reported the breach to the ICO, but would not reveal which details were exposed

The recorded telephone calls of 200,000 customers were left exposed on a cloud server for three years, an investigation by The Verdict found.

The firm behind the brand - Truly Travel - has now reported the breach to the Information Commissioner's Office.

The audio files were recorded between April and August 2016.

The Verdict claims that in some recordings it heard, partial credit card numbers are spoken.

The audio files were stored on an Amazon Web Services in the latest in a long line of security issues for businesses using the cloud.

Truly Travel, which trades under the name Teletext Holidays, told the BBC: "Our booking procedure does not allow agents to take card numbers over the phone. Customers are asked to punch their card details into a secure automated system. If a customer attempts to give their card information verbally, they are stopped by the agent."

It added: "Once the matter was brought to our attention, we immediately secured the files in question. We have contacted the Information Commissioner's Office."

The calls ranged from a few minutes to up to an hour and involved discussion of holiday details. In some heard by The Verdict people begin to say their card number.

When firms take credit card numbers, whether spoken or tapped into a phone, they are obliged to mute this section of the call.

Security consultant Graham Cluley said: "Most consumers accept that recordings may be kept for 'training purposes', but you also expect them to be stored securely and certainly not left lying around in an internet-connected bucket where any Tom, Dick or Harry could access them with malicious intent.

"Things are made even more serious by the fact that some of these records had transcriptions, making it even easier for a criminal to scour through the database to access information that they could monetise with fraudulent intent."

RECENT NEWS

From Chip War To Cloud War: The Next Frontier In Global Tech Competition

The global chip war, characterized by intense competition among nations and corporations for supremacy in semiconductor ... Read more

The High Stakes Of Tech Regulation: Security Risks And Market Dynamics

The influence of tech giants in the global economy continues to grow, raising crucial questions about how to balance sec... Read more

The Tyranny Of Instagram Interiors: Why It's Time To Break Free From Algorithm-Driven Aesthetics

Instagram has become a dominant force in shaping interior design trends, offering a seemingly endless stream of inspirat... Read more

The Data Crunch In AI: Strategies For Sustainability

Exploring solutions to the imminent exhaustion of internet data for AI training.As the artificial intelligence (AI) indu... Read more

Google Abandons Four-Year Effort To Remove Cookies From Chrome Browser

After four years of dedicated effort, Google has decided to abandon its plan to remove third-party cookies from its Chro... Read more

LinkedIn Embraces AI And Gamification To Drive User Engagement And Revenue

In an effort to tackle slowing revenue growth and enhance user engagement, LinkedIn is turning to artificial intelligenc... Read more