Credit card details and other personal information of potentially millions of customers of hotel booking sites were on the street thanks to a poorly secured server, the site finds Website planet last week. This is data owned by a facilitating company, Prestige Software.
Prestige Software sells reservation software that allows hotels to automatically offer their rooms for rent on platforms such as Booking.com, Expedia and Hotels.com. Website planet found “years of data” from travel companies and hotel guests.
Website planet has no reason to believe that the data has been stolen by someone else, but cannot rule it out. The information could be used by criminals to carry out malware attacks, commit credit card fraud and steal reservations.
The leak was in a poorly secured Amazon Web Services server and has since been resolved. Website planet says he does not know exactly how many people were affected, due to the amount of data.
Prestige Software was solely responsible for the leak, writes Website planet, which recommends hotel websites to properly screen facilitating companies about their data policy. In a response to Press, Booking.com writes, “There was no data breach on the Booking.com platform in connection with the disclosures Prestige Software made about a breach of their system.” The company further refers all inquiries to Prestige Software.