June 5, 2006

Laptop theft exposes Hotels.com customer data

NEW YORK (Reuters) - Thousands of Hotels.com customers may
have had their personal information exposed after a laptop
containing Hotels.com data was stolen from an employee of Ernst
& Young, the travel site's auditor.

Hotels.com, a unit of Expedia Inc., told 243,000 of its
customers late last week that their names, addresses and credit
or debit card information may have been compromised in the
theft, according to a letter sent to customers.

The laptop was stolen in February from the employee's car
in what appeared to be a random theft and the computer was
password protected, Ernst & Young said. The auditing firm did
not did not tell Hotels.com of the theft until May.

"There was a lot of data on the computer and it took a
considerable amount of time to identify what that data was,"
Ernst & Young spokesman Charlie Perkins said.

Ernst & Young said it is offering free credit monitoring
for one year to all Hotels.com customers affected by the laptop
theft, and is working with Hotels.com to reach out to customers
whose information is on the computer. The auditing firm also
said it has enhanced its security procedures to encrypt laptop
computers for additional data protection.

Ernst & Young, one of the "Big Four" accounting firms, had
problems with another laptop theft earlier this year. A
computer containing the personal information of workers at Sun
Microsystems, IBM, Cisco, BP Plc and Nokia was stolen.