A St Albans based hotel booking website is being investigated by a data privacy watchdog after leaking large amounts of personal customer data.
HotelHippo.com is being investigated for exposing information that could allow the matching of hotel bookings with home addresses.
The Information Commissioner's Office (ICO), opened an investigation yesterday. A spokesman said: "We will be looking into the matter to establish the full details.”
The exposure centred on the use of unique web addresses, which displayed customer data, despite the the website displaying several trust stamps and "secure" messages.
A unique five-figure number would appear in the address bar of the web browser when a booking was placed.
However simply changing this number meant any site-user could be exposed to previous booking details including the date, location and length of a hotel stay.
The home address of the person who made the booking could also be revealed on a separate page.
HotelHippo.com has since closed down its site stating “urgent site maintenance” as the reason.
The St Albans & Review is awaiting a response from the website.