RIGHT BG
Two computer security experts are calling on the 20 million people whose hotel check-in information has been leaked online to file a lawsuit against several well-known hotel chains, local media reported Monday.
A website that provided the residents' hotel registration information first appeared on October 10 and grabbed the public's attention after a link to the site was posted on a microblog on October 18, the news portal eastday.com reported.
The website prompted users to enter a name or State identification number. For a resident whose information had been leaked, the site returned a name, gender, ID number, mobile phone number, e-mail address and recent check-in dates.
The two computer security experts decided to pursue legal action after finding out that their information was also on the site, the Shanghai Evening Post reported.
"We have consulted a lawyer, and are now calling on people to check whether their information has been leaked online and report to us if they find they are victims," said Zhang Wei, one of the computer security experts.
Zhang said that there are many people who remain unaware that their personal information is online.
Although the original website was soon closed down, other similar websites have continuously sprung up to replace it, eastday.com reported.
At least one was still operating Monday, though it did not specify which hotels the user has checked into.
Zhang said that the information leak is dangerous because it could be tapped for all manner of criminal activity. "For example, a hacker could easily get the passwords to someone's e-mail accounts with his or her cellphone number or birthday. And from the e-mail account, the hacker might be able to get his or her online bank account number and password," Zhang told the Global Times.
Zhang acknowledged that it will be difficult to prove that the information came from a specific hotel's registration system. "We will need to find enough victims who can provide check-in information to prove that the online database contains a hotel's customer information," Zhang said.
A domestic Internet security monitoring platform, wooyun.org has announced that many hotels have their customer registration information stored by a Wi-Fi technology service provider, Cnwisdom, and the information was leaked from the Wi-Fi provider.
The Home Inn admitted to using Cnwisdom's service, and claimed that it would fix the bug as soon as possible, the Shanghai Evening Post reported.
Shang Jiangang, the lawyer representing Zhang and the other security expert, Wang Jinlong, said that they have not yet decided which parties to sue, but plan to sue the hotels for failing to protect their customers' personal information. "Hotels have a responsibility to protect their guests during their stay, and that includes protecting their check-in information," Shang told the Global Times.
Shang said that their compensation claim will depend on the number of victims that Zhang and Wang find and the amount of money that it will cost to purge the leaked information from the Internet.
Copyright ©1999-2018
Chinanews.com. All rights reserved.
Reproduction in whole or in part without permission is prohibited.
