Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Security Privacy

Two Out of Three Hotels Accidentally Leak Guests' Personal Data: Symantec (reuters.com) 28

Two out of three hotel websites inadvertently leak guests' booking details and personal data to third-party sites, including advertisers and analytics companies, according to research released by Symantec on Wednesday. From a report: The study, which looked at more than 1,500 hotel websites in 54 countries that ranged from two-star to five-star properties, comes several months after Marriott International disclosed one of the worst data breaches in history. Symantec said Marriott was not included in the study. Compromised personal information includes full names, email addresses, credit card details and passport numbers of guests that could be used by cybercriminals who are increasingly interested in the movements of influential business professionals and government employees, Symantec said.
This discussion has been archived. No new comments can be posted.

Two Out of Three Hotels Accidentally Leak Guests' Personal Data: Symantec

Comments Filter:
  • by DickBreath ( 207180 ) on Wednesday April 10, 2019 @03:31PM (#58417456) Homepage
    Do they make money from these accidental leaks of your data?
    • by Anonymous Coward

      They don't make money but they save money by not investing into IT security. The punishment for leaked data is so low that the investment in better security is not worth it.

    • by ediron2 ( 246908 )

      Likely not *directly*. Accidental is an excuse claimed when someone shares data needed for reservations or other partner activities, and overshares. Direct and thus intentional would be 'hey, here are prospects for your tourism/rental service.' And like others have said, leaks are cheaper than plumbers right now.

  • Since my "wife" and I always sign in as Mr. & Mrs. Smith.
  • Companies should be scared to take your personal information and store it. They should hold the bare minimum information required to provide the service they are selling. When I developed commerce websites I never stores credit card information on my systems. Creating user accounts was a pain, you can't ask users to create a unique password for a site they use once a year. Any company that does is delusional.
  • When I saw the headline my first thought was they were saying it was good news that it was only two out of three and not any higher. Maybe I'm too cynical.

  • for US agents who had contact with some of the highest-ranking officials outside China.
    A lot of US agents went looking for China Communist party members around the world.
    Offers to spy for the US got made to officials outside China.
    Now China wants to see who from the USA was in the same hotels at the same time with Communist party members.
  • did it on purpose, right?
  • How many ways can you make a reservation for an individual hotel? I'd guess about 700. Sometimes you can even go directly to the hotel's website to do it!

    Likewise, when you use a site like Expedia to make a reservation, have you ever noticed how hard it pushes associated services? You're booking a flight, how about a hotel! How about a rental car! How about dining!

    Spraying your data all over the ether is not an accident, it is literally how this industry makes their money. There's a huge collection of

A committee takes root and grows, it flowers, wilts and dies, scattering the seed from which other committees will bloom. -- Parkinson

Working...