Best Western: 10 customers affected by data breach, not 8 million

Graham Cluley
Graham Cluley
@[email protected]

Yesterday I blogged about the confusion surrounding the Best Western data security breach.

Newspapers had claimed that up to eight million hotel visitors might have had their personal information put in peril. The Best Western hotel group, however, had angrily debunked the claims – saying that reporters had not checked their facts.

Today, Best Western has released another statement, claiming that only one hotel was affected by the hack and the reporter had over-estimated the number of victims by some.. err.. 7,999,990:

Sign up to our free newsletter.
Security news, advice, and tips.

“We can confirm that on August 21, 2008, three separate attempts were made via a single log-on ID to access the same data from a single hotel. The hotel in question is the 107-room Best Western Hotel am Schloss Kopenick in Berlin, Germany, where a Trojan horse virus (sic) was detected by the hotel’s anti-virus software. The compromised log-in ID permitted access to reservations data for that property only. The log-in ID was immediately terminated, and the computer in question has been removed from use.”

“We can also confirm that we have been able to narrow down the number of customers affected by this breach to ten. We are currently contacting those customers and offering assistance as needed.”

So, a robust rebuttal from Best Western – and even though this data breach has been extremely embarrassing for them, it sounds like things were not as bad as initially reported.

Hotel guests with concerns are invited to call Best Western Customer Care at US 800-528-1238.

* Image source:

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.