HotelHippo.com Closes after Data Leak

Only two weeks after Code Spaces was forced out of business, another website is sharing the same fate.

The following statement was released by HotelHippo.com’s owner, HotelStayUK:

“HotelHippo has shut down and will not reopen. Our investigations showed that just 24 customers were affected by the issues with HotelHippo. This was a small very little used site. But for even one customer, it is obviously completely unacceptable and we are very sorry. We have therefore contacted all these customers and have offered them compensation. We have also set up a helpline where customers can contact us by calling 08446 606 007.

Security of our customers’ data is of the upmost importance to us. Despite there being no issues with our other sites, as the login process is quite different, as a precaution, we advised affected customers and took down all sites in the group one by one to put them through rigorous testing by independent experts to ensure their safety and security. These independent experts will be employed on an on-going basis to regularly test our sites.”

(Read our older post for details of the vulnerability.)

hippo-closed

The fact that the service provider is now putting its other websites through ‘rigorous testing’ is worth applauding, but it won’t bring HotelHippo.com back.

Regular penetration tests are a must

Organisations that don’t conduct regular penetration tests are failing their customers and are putting their existence at risk, just like Code Spaces and HotelHippo.com. Ignorance of vulnerabilities and how to patch them up makes the likelihood of repelling cyber attacks very slim, especially as the availability of free automated software on the internet is making black hat hacking easier by the day.

No Responses