News World Two out of 3 hotels accidentally leak guests' personal data -Symantec

Two out of 3 hotels accidentally leak guests’ personal data -Symantec

Two out of three hotel websites inadvertently leak guests’ booking details and personal data to third-party sites, including advertisers and analytics companies, according to research released by Symantec Corp on Wednesday.

The study, which looked at more than 1,500 hotel websites in 54 countries that ranged from two-star to five-star properties, comes several months after Marriott International disclosed one of the worst data breaches in history.

Symantec said Marriott was not included in the study.

Compromised personal information includes full names, email addresses, credit card details and passport numbers of guests that could be used by cybercriminals who are increasingly interested in the movements of influential business professionals and government employees, Symantec said.

“While it’s no secret that advertisers are tracking users’ browsing habits, in this case, the information shared could allow these third-party services to log into a reservation, view personal details and even cancel the booking altogether,” said Candid Wueest, the primary researcher on the study.

The research showed compromises usually occur when a hotel site sends confirmation emails with a link that has direct booking information. The reference code attached to the link could be shared with more than 30 different service providers, including social networks, search engines and advertising and analytics services.

Wueest said 25 percent of data privacy officers at the affected hotel sites did not reply to Symantec within six weeks when notified of the issue, and those who did took an average of 10 days to respond.

“Some admitted that they are still updating their systems to be fully GDPR-compliant,” Wueest said, referring to Europe’s new privacy law, or the General Data Protection Regulation, which took effect about a year ago and has strict guidelines on how organizations should deal with data leakage.

(Reuters)

Top Stories

One new Covid case with travel history

One person has tested positive for coronavirus, bringing the total number of cases to 1005, the Health Ministry said on Tuesday, from a total...

Compulsory use of gloves by employees on way out

    The compulsory use of gloves by employees that was introduced as part of measures to contain the spread of coronavirus is to be scrapped,...

22-year-old sentenced to 13 years in jail for Nicosia manslaughter

The Nicosia Criminal Court handed down on Tuesday a 13-year jail sentence to a 22-year-old foreign national who had pleaded guilty to killing a...

House, car repair shop, storeroom damaged by fire

  A fire which broke out off the Ayii Trimithias and Anthoupolis road on Tuesday afternoon has left a trail of damage in its wake,...

Ministry publishes updated list of labs for Covid-19 tests

  The Health Ministry has published an updated list of private labs which have verified procedures for RT-RCR diagnostic tests, which is the only accepted...

Taste

How to make triandafillo ice cream, by UK Cypriot chef Loulla Astin

  Just in time for the scorching heat, UK Cypriot chef Loulla Astin has shared her recipe for refreshing triantafillo ice cream -- or as...

Cyprus sprouts with cream and prosciutto

In a big, deep frying pan, fry the prosciutto in the olive oil, on medium heat for 2 minutes. Add the onion and garlic...

Pork burger with sundried tomatoes, mozzarella and anchovies

Mix all the ingredients together with the mince in a bowl, and combine well. Divide into 4 balls and form the burgers. Warm a griddle/pan...

Sheftalies

Wash the lamb cauls with plenty of cold water and let them settle in water and vinegar for a little while. Soak the bread crumbs...