Skip banner
HomeSourcesHow Do I?Site MapHelp
Return To Search FormFOCUS
Search Terms: personal w/5 information w/5 privacy

Document ListExpanded ListKWICFULL format currently displayed

Previous Document Document 343 of 575. Next Document

Copyright 2000 Star Tribune  
Star Tribune (Minneapolis, MN)

January 8, 2000, Saturday, Metro Edition

SECTION: BUSINESS; Pg. 1D

LENGTH: 731 words

HEADLINE: Some online customers lose privacy in NWA gaffe;
Mistake leaves some personal data vulnerable

BYLINE: Tony Kennedy; Staff Writer

BODY:
A programmer's mistake in the online booking system at Northwest Airlines left the credit card numbers and other personal information of some customers without full privacy protection, the airline said Friday.

     The Eagan-based carrier this week alerted those who made online transactions during the period in question. Northwest declined to specify the timing of the lapse, nor would it say how many customers made transactions on the under-protected system.

     "We believe the risk is very slight," Northwest spokesman Jon Austin said. "We put steps in place to prevent it from happening again."      In e-mails to affected customers, the airline said, "We have no evidence to indicate that this situation has resulted in any breach of privacy." But the notices urged the customers to contact Northwest immediately "if you believe you have experienced fraudulent use of your credit card due to this situation."

     By late Friday, the airline had not received any reports of suspected fraud, Austin said.

     No matter the consequences, the incident gave independent travel agents ammunition to keep customers from straying onto the Internet to book airline tickets _ a growing practice that many agents believe is a threat to their livelihoods.

     Airlines throughout the United States have been encouraging online booking because it saves them from paying commissions to travel agents.

     "For someone to risk having a credit card out there in cyberspace is an unnecessary risk," said Sharon Walsh of Schilling Travel in Minneapolis. "It's a mystery why people would do that."

     She said there is a false perception among some travelers that travel agents can't match the deals they get by booking directly online with airlines.

     "Many times we can do better," Walsh said.

     James Ashurst, a spokesman for the American Society of Travel Agents, a national trade organization based in Washington, D.C., said major airlines have the systems to provide adequate privacy protection for online booking. But the Northwest example is a reminder that those systems can break down.

     "There is a lot of peace of mind to be had in dealing with human beings," Ashurst said. "The technology may be there, but the comfort level isn't, and stories like these don't do much to increase consumer confidence."

.

Customer noticed problem

     The problem at Northwest arose on the WorldPerks frequent flier award booking section of http://www.nwa.com, the airline's official Web site. Northwest told affected customers that their names, addresses, telephone numbers and credit card numbers may have been transmitted without full privacy protection.

     Northwest discovered the problem when a customer didn't see a small "lock" icon as he placed his order in mid-December. He notified the carrier that the information was not secure.

     Austin said a WorldPerks computer programmer doing maintenance on the site forgot to restore the security system. The WorldPerks database wasn't left unprotected, he said. Rather, the individual transactions were left unprotected en route to Northwest's computer because they were transmitted without encryption.

     "The integrity of the Web site is unaffected by this," Austin said.

     For any person to tamper with the credit card numbers and other personal information, they must have had access to the live data stream or now have access to archives of the data stream, Austin said. The company isn't disclosing how long the encryption layer was missing because it would provide a clue to someone who wanted to hack into archived information.

     "We're guarding against a very small possibility," Austin said.

     Andrew Shen, policy analyst for epic.org, an electronic privacy information center, criticized Northwest for being careless. He said the use of credit cards in electronic commerce can be safe for consumers, but only when companies are vigilant about protecting customers' privacy.

     "It's an example of one company being sloppy. Customers will start to lose trust in them," Shen said. "Privacy and security is the foremost concern that any company should have with their online operations."

     As part of Northwest's apology to individuals who made transactions during the encryption breakdown, the airline is offering them each 5,000 WorldPerks miles.



LOAD-DATE: January 13, 2000




Previous Document Document 343 of 575. Next Document


FOCUS

Search Terms: personal w/5 information w/5 privacy
To narrow your search, please enter a word or phrase:
   
About LEXIS-NEXIS® Academic Universe Terms and Conditions Top of Page
Copyright © 2002, LEXIS-NEXIS®, a division of Reed Elsevier Inc. All Rights Reserved.