Blog

Customer finds security flaw on Kayak.com

June 22, 2012

Customers of one popular travel website recently found that their personal information had been comprised after a recent security breach.

Customers of one popular travel website recently found that their personal information had been comprised after a recent security breach.

The Toronto Star reports that Kayak.com user Kevin Hunt discovered that he was able to access information about people, including where they lived, phone numbers, emails and expiration dates of credit cards, using a search feature on the site. In an interview with the paper, Hunt said that the fact that so much information was available was “scary,” and that users of the site had been put in serious danger.

However, when Hunt contacted security executives at the firm he was told that no one’s personal financial information had been comprised.

“Protocol for security breaches is to contact the company and give them time to respond before you go public, as doing so will contribute to risk of someone‚Äôs info being taken,” Kayak.com co-founder Paul English wrote, according to the source.

Businesses that engage in merchant services either online or in a store must comply with Payment Card Industry Data Security Standards (PCI DSS). PCI compliance can be one of the best ways to ensure that no issues happen.

Back To Blog