Hotel booking website HotelHippo.com is facing an investigation by the Information Commissioners’ Office (ICO), following a website problem that allowed customer data to be easily extracted from the vulnerable website.
After initially being contacted by cybersecurity specialist Scott Helme on June 25, it seems the company refused to take action until contacted by BBC. The website was taken offline after the BBC contacted the HotelStayUK-contacted website
Helme was able to walk backwards using the sequential booking reference numbers, pulling customer data step-by-step.
If done properly, a customer’s name, home address, date, location and hotel stay duration could be retrieved – and a clever cybercriminal would be able to write a script to quickly pull all data from the Hotel Hippo website.
Here is what HotelHippo told the BBC:
“We confirm that we have taken down the HotelHippo.com website to take some urgent action to deal with a technical situation. Privacy of customer data is our prime concern, and we are committed to ensuring this safety.”
HotelHippo customers concerned about customer privacy can call them: 08446 646 000, or email info@hotelhippo.com.
Thank you to Scott Helme for providing us with this information
Image courtesy of Mr. Helme
According to a new report, the GeForce RTX 5090 GPU will be very expensive. It…
A new AMD processor in the form of an engineering model has been leaked in…
SK Hynix has claimed to be the first company to mass-produce 321-layer NAND memory chips.…
SOUNDS GREAT – Full stereo sound (12W peak power) gives your setup a booming audio…
Special Edition Yoshi design Ergonomic controller shape with Nintendo Switch button layout Detachable 10ft (3m)…
Fluid Motion: These flight rudder pedals are smooth and accurate that enable precise control over…