A study by software giants Symantec has suggested that hotels leaking data is a far more common problem than most people may think.
Their research has indicated that as many as two out of three hotels are leaking data. The data being leaked includes names, email addresses, credit card information and passport information. This kind of data is more than enough for fraudsters and cybercriminals to do some serious damage.
Some 1,500 websites were analysed across 54 different countries as part of the study. This news comes just months after the monumental Marriott data breach that remains fresh in our minds.
Hotels leaking data
Hotels leaking data to third-party sites, advertisers and analytics companies is reportedly rife, according to the Symantec study.
This suggests that we ought to be incredibly worried about how our data is used and leaked within the travel sector. And we’re not just talking basic personal information either. If payment card data and passport data is compromised, the repercussions for the victims could be severe.
The primary researcher in the study stated that some of the research subjects admitted to still updating their systems to be GDPR-compliant. That’s despite the fact that GDPR came into force in May 2018, and we’re now in April 2019; on the approach to the anniversary of the changes!
How are so many hotels leaking data?
The issue of hotels leaking data is understood to be most prevalent when the hotel sends a confirmation email with a link that contains the booking data. It’s reported that the link that comes with the email could be shared with more than 30 other services, such advertising engines, analytics services and social media networks.
It’s these little things where data is being transferred that can lead to a compromise. We saw how easy it was for a simple piece of coding on a website to be altered to copy data and send it to criminals in the huge British Airways data breach, as one of many examples.
The lead researcher in the case said:
“While it’s no secret that advertisers are tracking users’ browsing habits, in this case, the information shared could allow these third-party services to log into a reservation, view personal details and even cancel the booking altogether.”
What can you do as a victim of a hotel data leak?
This includes for cases of hotels leaking data.
If you think you may have a case, please don’t hesitate to contact the team for as free, no-obligation chat about your options.
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a call back from our team
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.
First published by Matthew on April 18, 2019
Posted in the following categories: Claims Cybersecurity Data Latest Security and tagged with cybersecurity | data leak | database security | online security | personal data