Daily topic hotel open room information leakage network company said the vulnerability has been repa

station network (www.admin5.com) October 16th news, the domestic security vulnerability monitoring platform clouds (WooYun.org) recently released a report, referred to as home, Hanting open house and many other records of the hotel by the third party storage, because of loopholes and leaks.

days ago, the domestic security vulnerability monitoring platform cloud network released the report, such as Xianyang, China World Trade Center, Hangzhou Metropark and ekiya 365 efficient use of all or part of the Zhejiang Hui Da Inn Network Limited (hereinafter referred to as "Zhejiang Hui") WiFi hotel management, development management system certification. Zhejiang Hui on the server real-time storage of these hotel customer records, including customer privacy information name, ID number, date and the number of rooms open room. Zhejiang Huida because there are loopholes in the system, make the information there is a risk of being compromised.

marketing director said Han Hui Da Inn, a technical verification in the monitoring report by the cloud platform, all vulnerabilities have been repaired. Home Inn group public relations department responded that this Hui coaching responsibilities, citing Hui Da Inn said in a statement, did not cause the guest information disclosure. Hanting Hotels belongs to Chinese living group said that the group did not use any Hui coaching equipment. Hui Da Inn official website also announced that, in the field of wireless portal business and Hanting Hotels (China live group), Xianyang China World Trade Center Hotel, Hangzhou Grand Metropark Hotel Suzhou and other customers have cooperative relations. The security problem of wireless portal system, is the responsibility of the Hui Da Inn, has nothing to do with any hotel customers.

yesterday, there is news that the outflow of a large number of hotel guest room open list for users to download. This is a list of true or false download, called compressed files of a hotel 2000W data "has been downloaded more than 7000 times the number of up to 20 thousand passengers, browse. According to industry analysis, the online spread of the hotel guest list download information is stored in the form of a large database, with the previous system leaks out of the data format and data volume are not the same. If the list of information is really true, then the customer information has indeed been a massive leak.

Zhejiang Hui Da Inn Network Co. Ltd. marketing department responsible person said, because the company cooperation in business hotel more, after the incident, the R & D department carried out one by one check on the server. China Hotel Group Public Relations Manager Yu Xin said in an interview at the Hanting Hotels WiFi authentication platform for self – development, but how to protect information security issues, with "professional" as an excuse not to give a positive reply. It is understood that many Econo Hotel still take the form of outsourcing of wireless information technology services, such as Home Inns in the statement promised to strengthen cooperation with the wireless information technology service provider and the third party safety inspection agencies, the establishment of long-term monitoring mechanism, but how to protect user information will no longer respond more.

related reading:

hotel open list of information on the Internet to spread the guest or continue to leak information