Sunday, 13 September 2020

Are you being hacked? Why your travel data is at risk

Despite many warnings, major travel organisations are again under fire for putting their customer's travel data at risk of being hacked.

British consumer organisation Which? has found firms including Marriott Hotels, British Airways and easyJet had "serious data security vulnerabilities" on their websites, TravelMole reported.

Image: Nour Chamoun
The investigation saw Which? scrutinise the security of websites operated by 98 travel companies, including airlines, tour operators, hotel chains, cruise lines and booking sites.

The investigation found that hotel chain Marriott not only had the most vulnerabilities on its websites but the most critical issues.

Researchers found almost 500 in total and more than 100 of these were judged as 'high' or 'critical'.

Of the 18 critical issues exposed, three were found on a single website of one of its hotel chains.

Which? said it could allow attackers to target the site's users and their data.

Looking at British Airways, the probe unearthed 115 potential vulnerabilities with 12 judged critical.

Most flaws were software and applications that appeared to have not been updated, Which? said, making them "potentially vulnerable to being targeted by hackers".

EasyJet - which earlier this year had a data breach affecting around nine million customers - had 222 vulnerabilities across nine of its domains uncovered by security experts.

Which? said all the issues gave hackers a "backdoor into the system in order to mount a range of attacks".

Rory Boland, editor of Which? Travel, said: “Our research suggests that Marriott, British Airways and easyJet have failed to learn lessons from previous data breaches and are leaving their customers exposed to opportunistic cybercriminals."

No comments:

Post a comment