Left Menu
Development News Edition

Guests' personal data leak rampant from hotel websites -Symantec

Devdiscourse News Desk | New Delhi | Updated: 10-04-2019 16:41 IST | Created: 10-04-2019 15:30 IST
Guests' personal data leak rampant from hotel websites -Symantec
The study, which looked at more than 1,500 hotel websites in 54 countries that ranged from two-star to five-star properties, comes several months after Marriott International disclosed one of the worst data breaches in history. Symantec said Marriott was not included in the study. Image Credit:

Two out of three hotel websites inadvertently leak guests' booking details and personal data to third-party sites, including advertisers and analytics companies, according to research released by Symantec Corp on Wednesday.

The study, which looked at more than 1,500 hotel websites in 54 countries that ranged from two-star to five-star properties, comes several months after Marriott International disclosed one of the worst data breaches in history. Symantec said Marriott was not included in the study.

Compromised personal information includes full names, email addresses, credit card details and passport numbers of guests that could be used by cybercriminals who are increasingly interested in the movements of influential business professionals and government employees, Symantec said. "While it's no secret that advertisers are tracking users' browsing habits, in this case, the information shared could allow these third-party services to log into a reservation, view personal details and even cancel the booking altogether," said Candid Wueest, the primary researcher on the study.

The research showed compromises usually occur when a hotel site sends confirmation emails with a link that has direct booking information. The reference code attached to the link could be shared with more than 30 different service providers, including social networks, search engines and advertising and analytics services. Wueest said 25 per cent of data privacy officers at the affected hotel sites did not reply to Symantec within six weeks when notified of the issue, and those who did took an average of 10 days to respond.

"Some admitted that they are still updating their systems to be fully GDPR-compliant," Wueest said, referring to Europe's new privacy law, or the General Data Protection Regulation, which took effect about a year ago and has strict guidelines on how organizations should deal with data leakage.


TRENDING

OPINION / BLOG / INTERVIEW

3D printing and the future of manufacturing post COVID-19

The on-demand, customizable, and localized manufacturing of product components facilitated by 3D printing has the potential to redefine manufacturing but there are certain technical, mechanical, and legal limitations that, unless ...

How UK’s 'best prepared' healthcare system failed to gauge COVID-19

The UK is proud of their public health system and its unlike any other country as around 90 percent of British public supports the founding principles of National Health Service. But without accurate data being available to stakeholders in ...

Poor on IHR capacity progress in 2019, WHO says Cambodia tops COVID-19 response

Despite being in proximity to Hubei, the original epicenter of COVID-19 pandemic, Cambodia has reported just 226 confirmed cases and zero deaths. After seeing the data, WHO appreciated Cambodias healthcare information system but experts dou...

Loopholes in Healthcare Information System may have failed Singapore COVID-19 model

In the initial days of the COVID-19 outbreak, Singapore was in the limelight for its effective healthcare system and pandemic response plan. However, Singapore has now joined the list of the worst-hit nations and the situation is even worse...

Videos

Latest News

U.S. judge denies bail to two men accused of aiding Ghosn escape

A U.S. district judge on Friday denied bail to two Massachusetts men accused of helping orchestrate former Nissan Motor Co Chairman Carlos Ghosns escape from Japan. Judge Indira Talwani rejected bail for U.S. Army Special Forces veteran Mic...

Trump to try going it alone on coronavirus aid after talks with Congress break down

White House officials trying to broker a deal on new coronavirus legislation will advise President Donald Trump to act on his own to deliver relief to Americans suffering from the pandemic, after talks with top Democrats in Congress broke d...

The Midnight Gospel Season 2: Same cast from Season 1, Trussell speaks on its renewal

The Midnight Gospel Season 2 is yet to be officially renewed by Netflix. The way animated web series are getting high attention and viewership from across the world, we believe the second season of The Midnight Gospel will get a greenlight ...

WarnerMedia ousts top streaming executives as part of restructuring

WarnerMedias Bob Greenblatt and Kevin Reilly, executives who oversaw its HBO Max streaming business, will leave as part of a restructuring, the company said on Friday. This is the first major action taken by Chief Executive Officer Jason Ki...

Give Feedback