A St Albans based hotel booking website is being investigated by a data privacy watchdog after leaking large amounts of personal customer data.
HotelHippo.com is being investigated for exposing information that could allow the matching of hotel bookings with home addresses.
The Information Commissioner's Office (ICO), opened an investigation yesterday. A spokesman said: "We will be looking into the matter to establish the full details.”
The exposure centred on the use of unique web addresses, which displayed customer data, despite the the website displaying several trust stamps and "secure" messages.
A unique five-figure number would appear in the address bar of the web browser when a booking was placed.
However simply changing this number meant any site-user could be exposed to previous booking details including the date, location and length of a hotel stay.
The home address of the person who made the booking could also be revealed on a separate page.
HotelHippo.com has since closed down its site stating “urgent site maintenance” as the reason.
The St Albans & Review is awaiting a response from the website.
Comments: Our rules
We want our comments to be a lively and valuable part of our community - a place where readers can debate and engage with the most important local issues. The ability to comment on our stories is a privilege, not a right, however, and that privilege may be withdrawn if it is abused or misused.
Please report any comments that break our rules.
Read the rules here