Full details of the security breach are not available, however a company spokesperson claimed that a limited number of people were affected.
Apparently, no financial information or payment details were stolen in the attack according to Travelodge.
In a letter to customers signed by the company’s chief executive Guy Parsons, it contains little information about the nature of the leak, although it stresses that Travelodge had not sold user data to a third party.
It also quotes the spam email that some customers have received.
“Good day. Don’t miss exciting career opening. The company is seeking for self-motivated people in United Kingdom to help us spread out our activity in the UK area,” said the message.
The company promised to give further updates once it has completed an internal investigation.
Stealing names and email addresses is a favoured tactic of cyber criminals, who use the information to send “phishing” messages to the affected customers.
In many cases, they pose as the company that the data was stolen from in the first place.
Typically, recipients are asked to click on a link that will infect their computer with malicious software. Or the criminals may solicit financial information directly.
Security experts warn users to pay close attention to the address where an email is sent from and the web URL of any links it contains.
Even when these look genuine, people should avoid handing over any secure information in response to unsolicited messages.
Although there appear to have been a spate of amateur hackings recently, organised criminal gangs prey on websites in an attempt to make money from insecure databases.