Two Out of Three Hotels Accidentally Leak Guests' Personal Data: Symantec

Advertisement
By Reuters | Updated: 10 April 2019 17:57 IST

Two out of three hotel websites inadvertently leak guests' booking details and personal data to third-party sites, including advertisers and analytics companies, according to research released by Symantec on Wednesday.

The study, which looked at more than 1,500 hotel websites in 54 countries that ranged from two-star to five-star properties, comes several months after Marriott International disclosed one of the worst data breaches in history.

Advertisement

Symantec said Marriott was not included in the study.

Compromised personal information includes full names, email addresses, credit card details and passport numbers of guests that could be used by cybercriminals who are increasingly interested in the movements of influential business professionals and government employees, Symantec said.

Advertisement

"While it's no secret that advertisers are tracking users' browsing habits, in this case, the information shared could allow these third-party services to log into a reservation, view personal details and even cancel the booking altogether," said Candid Wueest, the primary researcher on the study.

The research showed compromises usually occur when a hotel site sends confirmation emails with a link that has direct booking information. The reference code attached to the link could be shared with more than 30 different service providers, including social networks, search engines and advertising and analytics services.  

Advertisement

Wueest said 25 percent of data privacy officers at the affected hotel sites did not reply to Symantec within six weeks when notified of the issue, and those who did took an average of 10 days to respond.

"Some admitted that they are still updating their systems to be fully GDPR-compliant," Wueest said, referring to Europe's new privacy law, or the General Data Protection Regulation, which took effect about a year ago and has strict guidelines on how organisations should deal with data leakage.

Advertisement

© Thomson Reuters 2019

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Further reading: Symantec
Advertisement

Related Stories

Popular Mobile Brands
  1. OnePlus Exits US, Europe, Continues Operations in India: 5 Things to Know
  2. Lava Virat V1 5G, Virat V1 Key Specifications Confirmed Before India Launch
  3. Tecno Camon 50 Ultra 5G With a 6,500mAh Battery Debuts in India: See Price
  4. Oppo K15 Launch Date Confirmed; Key Specifications Revealed Ahead of Debut
  5. iPhone 18 Pro Max Could Get a New Sony Sensor With Variable Aperture Tech
  6. Asus Re-Enters India's Tablet Market With the Upcoming Asus Pad T3201
  7. GTA 6 on Track to Make Up to $5.2 Billion in First Week, Says Analytics Firm
  1. Poco M8 Power, Poco X8 India Launch Timeline Tipped; Could Arrive as Rebranded Redmi Note 17 Series
  2. Samsung Galaxy S25 Series Could Get Galaxy S26’s Horizontal Lock Camera Feature With One UI 9 Update
  3. Asus Pad India Launch Date Announced as Company Reveals Key Specifications
  4. iPhone 18 Pro Max Diagnostics Log Reportedly Reveals Variable Aperture Camera, Sony Sensor Upgrade
  5. Vivo X500 Ultra Leak Suggests Three 200-Megapixel Telephoto Sensors Under Testing
  6. iQOO Z11 Lite Price Range in India, Key Specifications Revealed Ahead of Official Launch
  7. Lava Virat V1 5G, Virat V1 Specifications Revealed Ahead of July 24 India Launch
  8. Oppo K15 Launch Date Confirmed; Key Specifications Revealed Ahead of Debut
  9. WhatsApp Usernames Are Now Reportedly Available for Some Android and iOS Users
  10. Meta Introduces New Parental Alerts for Teen Suicide and Self-Harm Conversations
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.