Software loophole puts Chinese budget hotel guests' privacy at risk | South China Morning Post
  • Tue
  • Jan 27, 2015
  • Updated: 10:15pm
NewsChina Insider
INTERNET SECURITY

Software loophole puts Chinese budget hotel guests' privacy at risk

Home Inn Hotels and the popular Hanting chain are reported to have used the faulty hotel management software

PUBLISHED : Friday, 11 October, 2013, 2:13pm
UPDATED : Friday, 11 October, 2013, 3:01pm
 

A security loophole in software used by some of China’s most popular budget hotel chains has put their customers’ privacy at risk, an independent internet security watchdog Wuyun.org revealed this week.

Home Inn Hotels, China's second-largest budget hotel chain and the popular Hanting chain, both Nasaq-listed, were among hotels to have used the faulty hotel management software, said Chinese media reports based on information released by Wuyun.org. Hanting has denied the accusation.

The hotel management software developed by Zhejiang-based CNWISDOM stored personal information belonging to their clients' customers on CNWISDOM servers, which were vulnerable to attack by hackers due to loopholes in CNWISDOM's encryption technology, said Wuyun.

Information engineers at Wuyun.org were able to obtain personal information of hotel guests by hacking into the faulty software. A sample document they posted online shows the names, ID numbers and check-in dates of customers.

Home Inn Hotels couldn’t be reached for comment on Friday. A spokesperson at Hanting told SCMP.com in a phone conversation that Hanting’s hotels never used the software in question. Hanting told Chinese media on Friday that despite being a business partner of CNWISDOM, it had only purchased hardware from the company.

CNWISDOM said in an online statement on Thursday that it had upgraded its software to fix the security issue.

Read more SCMP China Insider stories by Amy Li or follow her on Twitter

Share

More on this story

For unlimited access to:

SCMP.com SCMP Tablet Edition SCMP Mobile Edition 10-year news archive
 
 

 

 
 
 
 
 

Login

SCMP.com Account

or