Airbnb worldwide data breach allowing users to access other users inboxes

Airbnb worldwide data breach allowing users to access other users inboxes

Airbnb hosts are reporting a series of worrying privacy breaches happening within the app – allowing them to see the private inboxes of other users.

This highly sensitive information included people’s addresses and the codes to their properties.

The issue appears to be occurring worldwide and poses a major security issue.

What are Digital Privacy Advocates Saying?

A major data leak currently underway at Airbnb is causing large numbers of hosts to receive access to the wrong inbox. As a result, those hosts are able to see the sensitive information of other users including names, addresses, and the codes to get into people’s Airbnb rental homes.

Having access to people’s sensitive personal information, including their names, addresses, as well as property security the codes is putting hosts and consumers at huge amounts of risk – as a result, this one of the most problematic data leaks in recent years.

It seems clear that the leak is going to cause a lot of upheaval for Airbnb hosts, who will need to update the codes to their homes in order to secure them and ensure they are not potentially at risk of burglary.

It is vital for Airbnb to fix whatever is causing the problem right away. Early reports appear to indicate that Airbnb is telling hosts to clear their cookies in order to fix the problem. This is not a suitable response because the onus should not be on consumers to fix Airbnb’s mistake.

In fact some hosts are reporting having access to a different inbox each time they log back in, meaning that Airbnb’s customer support advice is actually compounding the issue.

It will now be necessary to launch a full investigation into the leak to ascertain how and why it occurred, and to figure out what culpability Airbnb should face for having caused such and dangerous data leak.

This could lead to massive fines under GDPR as well as from the FTC. It is worth noting that GDPR alone sets a maximum fine of €20 million or 4% of annual global turnover – whichever is greater – for infringements, meaning this could prove to be very costly indeed for Airbnb.

CATEGORIES
x
0
Posts Remaining