Software loophole puts Chinese budget hotel guests' privacy at risk

Home Inn Hotels and the popular Hanting chain are reported to have used the faulty hotel management software

PUBLISHED : Friday, 11 October, 2013, 2:13pm
UPDATED : Friday, 11 October, 2013, 3:01pm


More on this story

A security loophole in software used by some of China’s most popular budget hotel chains has put their customers’ privacy at risk, an independent internet security watchdog revealed this week.

Home Inn Hotels, China's second-largest budget hotel chain and the popular Hanting chain, both Nasaq-listed, were among hotels to have used the faulty hotel management software, said Chinese media reports based on information released by Hanting has denied the accusation.

The hotel management software developed by Zhejiang-based CNWISDOM stored personal information belonging to their clients' customers on CNWISDOM servers, which were vulnerable to attack by hackers due to loopholes in CNWISDOM's encryption technology, said Wuyun.

Information engineers at were able to obtain personal information of hotel guests by hacking into the faulty software. A sample document they posted online shows the names, ID numbers and check-in dates of customers.

Home Inn Hotels couldn’t be reached for comment on Friday. A spokesperson at Hanting told in a phone conversation that Hanting’s hotels never used the software in question. Hanting told Chinese media on Friday that despite being a business partner of CNWISDOM, it had only purchased hardware from the company.

CNWISDOM said in an online statement on Thursday that it had upgraded its software to fix the security issue.

Read more SCMP China Insider stories by Amy Li or follow her on Twitter