Study finds hotels leak personal information
Two out of three hotel websites inadvertently leak guests’ booking details and personal data to third-party sites, including advertisers and analytics companies, according to Symantec Corp.
The study released yesterday, which looked at more than 1,500 hotel websites in 54 countries and regions that ranged from two-star to five-star properties, comes several months after Marriott International disclosed one of the worst data breaches in history. Marriott was not included in the study.
Compromised personal information includes full names, e-mail addresses, credit card details and passport numbers that could be used by cybercriminals who are increasingly interested in the movements of influential business professionals and government employees.
“While it’s no secret that advertisers are tracking users’ browsing habits, in this case the information shared could allow these third-party services to log into a reservation, view personal details and even cancel the booking altogether,” said Candid Wueest, the primary researcher on the study.
The research showed compromises usually occur when a hotel site sends confirmation e-mails with a link that has direct booking information. The reference code attached to the link could be shared with more than 30 different service providers, including social networks, search engines and advertising and analytics services.
Wueest said 25 percent of data privacy officers at the affected hotel sites did not reply within six weeks when notified of the issue, and those who did took an average of 10 days.
- About Us
- |
- Terms of Use
- |
- RSS
- |
- Privacy Policy
- |
- Contact Us
- |
- Shanghai Call Center: 962288
- |
- Tip-off hotline: 52920043
- 沪ICP证:沪ICP备05050403号-1
- |
- 互联网新闻信息服务许可证:31120180004
- |
- 网络视听许可证:0909346
- |
- 广播电视节目制作许可证:沪字第354号
- |
- 增值电信业务经营许可证:沪B2-20120012
Copyright © 1999- Shanghai Daily. All rights reserved.Preferably viewed with Internet Explorer 8 or newer browsers.