Hotel booking website HotelHippo.com is facing an investigation by the Information Commissioners’ Office (ICO), following a website problem that allowed customer data to be easily extracted from the vulnerable website.
After initially being contacted by cybersecurity specialist Scott Helme on June 25, it seems the company refused to take action until contacted by BBC. The website was taken offline after the BBC contacted the HotelStayUK-contacted website
Helme was able to walk backwards using the sequential booking reference numbers, pulling customer data step-by-step.
If done properly, a customer’s name, home address, date, location and hotel stay duration could be retrieved – and a clever cybercriminal would be able to write a script to quickly pull all data from the Hotel Hippo website.
Here is what HotelHippo told the BBC:
“We confirm that we have taken down the HotelHippo.com website to take some urgent action to deal with a technical situation. Privacy of customer data is our prime concern, and we are committed to ensuring this safety.”
HotelHippo customers concerned about customer privacy can call them: 08446 646 000, or email info@hotelhippo.com.
Thank you to Scott Helme for providing us with this information
Image courtesy of Mr. Helme
The Assassin's Creed Shadows development team has been facing a difficult time amid an ongoing…
More than twenty years after the launch of Vagrant Story, many are still dreaming of…
LIVE THE HORROR: An immersive disaster story aboard a stunningly realised North Sea oil rig,…
The Philips VA LED display uses an advanced multi-domain vertical alignment technology that gives you…
【TFT Screen: The Interactive Interface】This 75% mechanical keyboard comes equipped with a TFT Screen, serving…
FANDOM FUSION Play as your favorite characters and wield their unique weapons and skills. Team…