Millions of hotel customers’ details could have potentially been exposed, after a software company was found to have improperly stored sensitive data.
The breach was uncovered by Website Planet, which found that Prestige Software, a company responsible for a hotel reservation system used by booking.com and Expedia, had been storing years’ worth of credit card data from hotel guests and travel agents without any protection in place.
The error put millions of customers at risk from fraud and online attacks.
Extremely sensitive data from as far back as 2013 was being incorrectly stored, with details including credit card and CVV numbers, full names, addresses and ID numbers of guests and comprehensive details about customers’ reservations all unprotected.
Source: The Independent