Chinese hackers leak 20 million hotel guests’ data on WeChat

Patrick Boehler of the South China Morning Post reports:

Hackers in China have leaked a database of an estimated 20 million hotel reservations on multiple websites and even WeChat, the wildly popular messaging service, reflecting failed government efforts to prevent massive leaks of personal data.

Online security watchdog WooYun said in September that hackers had taken advantage of a security loophole at CNWisdom, a Zhejiang-based company that calls itself the country’s largest provider of wireless internet for hotels, to gain access to thousands of records of hotel bookings, including details such as phone numbers, e-mail addresses and residential addresses.

CNWisdom said at the time that the fact that hotels which were not among its clients had also been affected by the leak suggested another source for the leak. A website that sprung up offering the data was quickly shut down, but as of December, the data has spread.


Websites with the leaked data, of which there are at least three, offer easier search functions and reveal detailed bookings including phone numbers and birthdates with name search functions. Peer-to-peer file-sharing sites are also offering the data.

Read more on SCMP.

This could also be a wet dream for burglars who could look for advanced bookings and know when homeowners will be away from home.

About the author: Dissent

Comments are closed.