Platform Used by Expedia and Other Popular Booking Sites Leaks data of 10 Million Guests
If you have used some of the most popular travel sites for your bookings in recent years, your personal data might have been exposed. Prestige Software, a platform that enables hotels to automate their availability on booking websites like Expedia, Booking.com and many others, reportedly stored files dating as far back as 2013 without any protections.
Exposed information included names, credit card details, ID numbers, and reservation details. More than 10 million customers could be affected by this.
It’s not clear yet how long the data was exposed, or whether anyone actually abused the security flaw. The company was storing years of credit card data from hotel guests and travel agents without any protection in place on Amazon Web Services, putting millions of people at risk of fraud and online attacks. Website Planet said the vulnerability was fixed a day after telling AWS about the exposure.
Prestige Software doesn’t list its clients on its website. But based on information from the data in question, the following websites are the ones affected:
- Agoda
- Amadeus
- Booking.com
- Expedia
- Hotels.com
- Hotelbeds
- Omnibees
- Sabre
- and many others
 Chase Sapphire Preferred® Card
Chase Sapphire Preferred® Card is the old king of travel rewards cards. Right now
bonus_miles_full
Learn more about this card and its features!
Opinions, reviews, analyses & recommendations are the author’s alone, and have not been reviewed, endorsed or approved by any of these entities.
Oh wonderful, how did they not bother with the basics? You would think a company would at minimum review security policies annually. Let me guess our compensation will be a year of free credit monitoring. They should be fined to the teeth and then some
Umm…ain’t that company’s slogan “We trust you. Trust Prestige!!”
(www.prestige-soft.com)
Glad to know my credit card date was ONLY exposed on Expedia, and Hotels.com, and the sites of “many others.”