Technology
Hackers target Denmark's Tivoli park, guests info stolen
Copenhagen, Aug 17
The Copenhagen-based Tivoli, one of the oldest and most popular amusement parks in Europe, has now joined the unfortunate online "rogues gallery" of major Danish companies whose customer data has been hacked from their websites.
Details about the extent of the early August hack into the website of Denmark's premier tourist destination were made public on Saturday.
Hackers targeted My Tivoli, a site where guests can login and access Tivoli products and annual cards. They can use My Tivoli to access the theme park and get an overview of past purchases, Xinhua news agency reported.
Tivoli, the spiritual home of over 4 million thrill-seeking visitors, admitted that this popular website had been compromised when up to a thousand guests had their personal information -- names, addresses, phone numbers, e-mail addresses, date of birth and information about guests' previous purchases at Tivoli, even credit card information -- stolen.
Jonas Buhl Gregersen, Tivoli's Director of IT and Business Development, deemed the hack "intelligent" rather than a classic "brute force attack".
During this attack on My Tivoli, Gregersen said that there were a maximum of three logins with the same email address and a maximum of two with the wrong password.
In contrast, a brute force hack would have tried to log in with the same email address continuously for a prolonged period.
Gregersen said the hack was discovered quickly by vigilant website administrators who noticed an unusual spike in customer logins.
The spike occurred due to innocent guests logging in to their account, along with hackers, after they received an automatic email from Tivoli informing them that their My Tivoli profile had been logged onto from a different device.
Despite the breach, Gregersen could provide no good explanation as to the motives of the attackers, only suggesting that hackers may have have been testing the systems security, "curious" about what could be done.
No similar incidents had ever happened on the My Tivoli website before this.
Immediately following the discovery of the hack, all affected customers were both informed and assured that no credit cards were used to make purchases. The site was now secure.
The incident was reported to both the police and the Danish Data Inspectorate.
Details about the extent of the early August hack into the website of Denmark's premier tourist destination were made public on Saturday.
Hackers targeted My Tivoli, a site where guests can login and access Tivoli products and annual cards. They can use My Tivoli to access the theme park and get an overview of past purchases, Xinhua news agency reported.
Tivoli, the spiritual home of over 4 million thrill-seeking visitors, admitted that this popular website had been compromised when up to a thousand guests had their personal information -- names, addresses, phone numbers, e-mail addresses, date of birth and information about guests' previous purchases at Tivoli, even credit card information -- stolen.
Jonas Buhl Gregersen, Tivoli's Director of IT and Business Development, deemed the hack "intelligent" rather than a classic "brute force attack".
During this attack on My Tivoli, Gregersen said that there were a maximum of three logins with the same email address and a maximum of two with the wrong password.
In contrast, a brute force hack would have tried to log in with the same email address continuously for a prolonged period.
Gregersen said the hack was discovered quickly by vigilant website administrators who noticed an unusual spike in customer logins.
The spike occurred due to innocent guests logging in to their account, along with hackers, after they received an automatic email from Tivoli informing them that their My Tivoli profile had been logged onto from a different device.
Despite the breach, Gregersen could provide no good explanation as to the motives of the attackers, only suggesting that hackers may have have been testing the systems security, "curious" about what could be done.
No similar incidents had ever happened on the My Tivoli website before this.
Immediately following the discovery of the hack, all affected customers were both informed and assured that no credit cards were used to make purchases. The site was now secure.
The incident was reported to both the police and the Danish Data Inspectorate.
16 minutes ago
AAPI Honors Three Trailblazing Physicians at the 44th Annual Convention in Tampa
18 minutes ago
Former US Security Adviser warns Trump policies driving allies away
18 minutes ago
Nikki Haley rules out bid for US senate seat
19 minutes ago
Oil prices surge three per cent amid escalating US-Iran tensions
20 minutes ago
Netanyahu backs Iran talks, eyes end to US aid
21 minutes ago
US launches fresh strikes on Iran
21 minutes ago
Ro Khanna says armed settlers in Israel's West Bank detained him
22 minutes ago
Trump mourns ‘unique’ ally Lindsey Graham
23 minutes ago
Netanyahu's remarks on India reveal a structural shift and signal defence ties: Report
24 minutes ago
US bases in Jordan, Qatar, Oman hit, says IRGC
25 minutes ago
US Senator and key Trump ally Lindsey Graham dies
27 minutes ago
Govt mulls common standards for messaging platforms after WhatsApp username row
28 minutes ago
Centre, Meghalaya to host two-day national conference on NextGen administrative reforms from July 13
