This article appeared in SC Magazine on January 8, 2020
In an incident reminiscent of the one at Ashley Madison, a Japanese search engine used to find Love Hotels – locations used for sexual assignations – has been breached though there is no evidence that any data has been leaked.
Almex, the parent company of HappyHotel.jp, was alerted to unauthorized access to its servers on December 22, according to a report by ZDNet. While the hackers were able to access the personal data of Love Hotel customers, the company doesn’t believe the data has been used or published yet.
“An aggregator like HappyHotel is not your average hotel booking site–it’s neither for family vacations or for business trips,” said Mike Bittner, associate director of digital security and operations for The Media Trust. “Users will want to keep their data private and protect information on their activities from public exposure.”
Bad actors could use the data to extort money from hotel customers “and cause irreparable damage to their private and public lives,” Bittner said. “Site owners that facilitate sensitive activities that users wouldn’t want made public should exercise extra security precautions to prevent breaches.”
Not are only the site owners who provide “sensitive activities” to customers at risk and should take extra precautions to protect information, “the digital third parties that support it, are likely in the crosshairs of bad actors who want to score and profit from extra-sensitive information,” he said.