Scoop has an Ethical Paywall
Licence needed for work use Learn More

Video | Agriculture | Confidence | Economy | Energy | Employment | Finance | Media | Property | RBNZ | Science | SOEs | Tax | Technology | Telecoms | Tourism | Transport | Search

 

Two in Three Hotel Websites Leak Guest Booking Details

Symantec Threat Intelligence: Two in Three Hotel Websites Leak Guest Booking Details


Hospitality services’ websites may leak your booking details, allowing others to view your personal data or even cancel your reservation.

Based on an analysis of more than 1,500 hotels in 54 countries spread across five continents, Symantec discovered that two out of three hotel websites inadvertently leak guests’ booking details and personal data to third-party sites, including advertisers and analytics companies. With the one-year anniversary of the GDPR just next month, the findings call into question just how much the policy’s implementation has addressed the ways in which organisations handle data leakage.

Some reservation systems were commendable, as they only revealed a numerical value and the date of the stay and did not divulge any personal information. But the majority leaked personal data, such as:

• Full name
• Email address
• Postal address
• Mobile phone number
• Last four digits of credit card, card type, and expiration date
• Passport number

What are the risks?
The 2018 Norton LifeLock Cyber Safety Insights Report recently revealed consumers are concerned about their privacy (83 percent), but most say they accept certain risks to make life more convenient (61 percent).

Advertisement - scroll to continue reading

Many individuals regularly share details of their travels by posting photos on social media networks. Some don't even bother blurring out the booking reference of their tickets. These individuals may not be too concerned about their privacy and may actually want their followers to know about their whereabouts.

An attacker might decide to cancel a reservation just for fun or as personal revenge, but it could also be to damage the reputation of a hotel as part of an extortion scheme or as an act of sabotage carried out by a competitor.

To read the full Threat Intelligence Report please go to https://www.symantec.com/blogs/threat-intelligence/hotel-websites-leak-guest-data

© Scoop Media

Advertisement - scroll to continue reading
 
 
 
Business Headlines | Sci-Tech Headlines

 
 
 
 
 
 
 
 
 
 
 
 
 

Join Our Free Newsletter

Subscribe to Scoop’s 'The Catch Up' our free weekly newsletter sent to your inbox every Monday with stories from across our network.