Survey: Two-thirds of hotels unwittingly leak guest data
Around two-thirds of hotel websites carelessly leak some guest personal data to third-party companies which could also leave them susceptible to scammers, according to a new report.
Cyber security firm Symantec found that booking confirmation emails sent to guests frequently contain links to their booking which are not encrypted, which means anyone on the same network could feasibly get access to the data, including hackers.
This lack of security also allows third-party sites such as advertisers to view personal information.
"The fact that this issue exists, despite the GDPR coming into effect in Europe almost one year ago, suggests that the GDPR’s implementation has not completely addressed how organisations respond to data leakage," said Candid Wueest, principal threat researcher at Symantec.
The company looked at more than 1,500 hotel websites in 54 countries, ranging from two- to five-star properties.
Data which was unwittingly leaked includes names, email addresses, passport numbers and some credit card details
Wueest said data privacy officers at a quarter of all hotels did not reply within six weeks when notified of security issues.
TravelMole Editorial Team
Editor for TravelMole North America and Asia pacific regions. Ray is a highly experienced (15+ years) skilled journalist and editor predominantly in travel, hospitality and lifestyle working with a huge number of major market-leading brands. He has also cover in-depth news, interviews and features in general business, finance, tech and geopolitical issues for a select few major news outlets and publishers.
Boy falls to death on cruise ship
Dozens fall ill in P&O Cruises ship outbreak
Turkish Airlines flight in emergency landing after pilot dies
Unexpected wave rocks cruise ship
Woman dies after going overboard in English Channel