CyberSecurity/Data

Unhappy saga of Hotel Hippo draws to a close

Data Jimmy Nicholls

14:07, July 3 2014

image

image

Travel website still faces investigation from the information commissioner.

Travel website Hotel Hippo has announced it will close down following news of a potential bug that may have allowed hackers to steal customer data by changing the site URL.

An initial investigation into the bug by the British company revealed 24 customers might have been affected, a finding the firm described as "completely unacceptable".

Chris Orrell, MD of Hotel Hippo, said: "This site was little used, but for each one of those affected customers their security, privacy and safety is of the utmost importance to us.

"This is not something we have ever had to deal with before and we are doing everything we can to deal with the situation and ensure that lessons are learned, both by us and others in the industry."

Site customers were given a five digit code that security consultant Scott Helme of Pentest said was included in the URL, potentially allowing a hacker to retrieve payment details and customer information through altering the address bar.

Helme previously said the site had only taken action once the BBC had got hold of the story, despite him notifying the company by email and telephone.

His report prompted an investigation by the information commissioner's office (ICO), which has confirmed it will continue to look into the alleged breach despite the website's closure, adding that it had nothing to report just yet.

Orrell said that his company would contact every customer who had booked a holiday through the site, offering them compensation for any inconvenience caused.



Source: Company Press Release

Comments

Post a comment

Comments may be moderated for spam, obscenities or defamation.