Two Out of Three Hotels Accidentally Leak Guests' Personal Data: Symantec

Two out of three hotel websites inadvertently leak guests' booking details and personal data to third-party sites, including advertisers and analytics companies, according to research released by Symantec on Wednesday. From a report: The study, which looked at more than 1,500 hotel websites in 54 countries that ranged from two-star to five-star properties, comes several months after Marriott International disclosed one of the worst data breaches in history. Symantec said Marriott was not included in the study. Compromised personal information includes full names, email addresses, credit card details and passport numbers of guests that could be used by cybercriminals who are increasingly interested in the movements of influential business professionals and government employees, Symantec said.

NOW DON'T BE SAAAAD

Cause two outta three ain't baaad

Re:Sorry

[flippy]

I think the point of the article was that the hotels weren't trying to share the information, they leaked it by accident.

Re:Sorry

Hope you get burned good by one of the leaks.

I'm in the Ku Klux Klan

And I support free speech.

Now it's the Berkeley liberals that championed the free speech movement in the 60's that are trying to shut down free speech on the internet.

It's ironic how that happened. It's a 180 degree reversal.

Re:I'm in the Ku Klux Klan

[DickBreath]

Look, Berkeley is NOT trying to shut down free speech.

All points of view must be respected and represented. Toward that end, some people's non politically correct point of view must be suppressed so that all points of view are represented.

Re: I'm in the Ku Klux Klan

West coast liberals are fine but possibly associate themselves too easily with the wrong crowd or go way down the rabbit hole with unvetted ideas

Re:I'm in the Ku Klux Klan

[Livius]

I really hope that's irony but shocking number of people actually think like that.

Re:I'm in the Ku Klux Klan

[DickBreath]

We can not tolerate intolerant people. And I dislike biased people so much that I am highly biased against them.

Accidentally?

[DickBreath]

Do they make money from these accidental leaks of your data?

Re: Accidentally?

A young Russian girl leaked all over orange man

Re:Accidentally?

They don't make money but they save money by not investing into IT security. The punishment for leaked data is so low that the investment in better security is not worth it.

Re:Accidentally?

[ediron2]

Likely not *directly*. Accidental is an excuse claimed when someone shares data needed for reservations or other partner activities, and overshares. Direct and thus intentional would be 'hey, here are prospects for your tourism/rental service.' And like others have said, leaks are cheaper than plumbers right now.

"Accidentally"

The only accident was not getting paid to do it.

Re:Sorry

Hospitals are private companies and they can use your data any way they like. You agreed to this when you were dropped there in the ambulance. If you don't like this policy then you can choose to die at home.

The law requires you to give correct personal information to a hotel, just like it requires hospitals to keep your health information on file. You can't choose a different hotel that doesn't keep the information. Thus such information must be protected above and beyond you giving a department store some bogus phone number.

Re:Sorry

[Dunbal]

I'd say I leaked it by accident too. Funny how it only got "accidentally" leaked to those who would most want it, though.

Re:Sorry

[DickBreath]

> You agreed to this when you made the reservation.

Wow! That magic mantra has unlimited power to allow you to do anything.

The hotel can sneak in the middle of the night and harvest your vital organs and sell them to China. After all, you agreed to it when you made the reservation.

It's not like you would have a case in court. After all, your vital organs, plus the money you paid are the consideration in exchange for your use of the room during your stay as a hotel guest.

It's not like you can claim irreparable harm in court, because money is always considered a way to repair damages. You can always go acquire new vital organs on the open market. It is not the hotel's fault if you didn't understand the terms and conditions of the contract.

I'm probably safe.

[Major_Disorder]

Since my "wife" and I always sign in as Mr. & Mrs. Smith.

Re:I'm probably safe.

I liked your movie.

Re:I'm probably safe.

[Major_Disorder]

I liked your movie.

You are the ONLY one.

Re:I'm probably safe.

[antdude]

Add me since I just watched it a few months ago and enjoyed it!

Information needs to be toxic

[FeelGood314]

Companies should be scared to take your personal information and store it. They should hold the bare minimum information required to provide the service they are selling. When I developed commerce websites I never stores credit card information on my systems. Creating user accounts was a pain, you can't ask users to create a unique password for a site they use once a year. Any company that does is delusional.

Accident?!

Incompetence. Businesses demand all this information on us and they cannot be trusted with it. And why do they need it in the first place?
Ask them and you get some BS answer - meaning, they don't even know.

We need EU privacy regulations. Business is incapable of regulating themselves and they need to be put in line - and hefty fines if they violate them.

not news

Hiring bad programmers results in bad code.

Stop using degrees/experience as indicators and test people's skill before hiring. The only solution.

Low Expectations

[Livius]

When I saw the headline my first thought was they were saying it was good news that it was only two out of three and not any higher. Maybe I'm too cynical.

China is looking

[AHuxley]

for US agents who had contact with some of the highest-ranking officials outside China.
A lot of US agents went looking for China Communist party members around the world.
Offers to spy for the US got made to officials outside China.
Now China wants to see who from the USA was in the same hotels at the same time with Communist party members.

So the third

[rsilvergun]

did it on purpose, right?

Accidentally?

[shess]

How many ways can you make a reservation for an individual hotel? I'd guess about 700. Sometimes you can even go directly to the hotel's website to do it!

Likewise, when you use a site like Expedia to make a reservation, have you ever noticed how hard it pushes associated services? You're booking a flight, how about a hotel! How about a rental car! How about dining!

Spraying your data all over the ether is not an accident, it is literally how this industry makes their money. There's a huge collection of interconnected systems, and there's no bouncer saying "You have to be THIS secure to enter the club". In fact, it's the opposite, it's "Hey, I have a lead, here's someone's private information, can you give me a kickback?", and literally nobody cares about what you're doing with the information until someone determines that you're selling it to the mafia or leaving it in an exposed AWS bucket.

Accidentally.