Private data leak from as many as 67% of hotels


The Symantec survey revealed a sad picture of the security situation in the hotel industry. An overview of online reservation systems has shown that more than two-thirds of hotel companies unwittingly disclose personal information about guests or, due to inadequate security mechanisms, provide relatively simple unauthorized penetration into data sources.

Source: Getty Images

The main problem is in the e-mails received by the guest as confirmation of the reservation. They typically contain a web link to confirm the booking, which is often completely unprotected. Unauthorized persons can thus typically come up to their name, surname, address, phone number, e-mail address, passport numbers and even the last digit of the credit card.

Symantec has done research in around 1,500 hotel systems in the US, Canada and the EU, ranging from two to five-star hotels. Serious deficiencies have been found in many European hotels, despite the fact that they should strictly protect this information according to the GDPR provisions.

Named hosts often share guest information with other partners, and these divisions are often made through links that are equally unsecured as mentioned above, which can no longer control who has access to personal information. Symantec does not want to disclose the names of hotels or hotel chains, but they were notified of defects before publishing the results.

Subscribe to regular weekly or monthly announcements of new posts on our website!


Source link