When the BBC reported on the issue, the site – which had previously been ignoring the concerns of security researcher Scott Helme – was taken down “for maintenance”.
Here’s what you would have seen if you visited hotelhippo.com:
Well, if you visit the site today you’ll see this slightly different message.
Website Permanently Closed
If you have any queries, please call us on 08446 606 000 or email email@example.com
We sincerely apologise for the inconvenience caused.
Hmm. Goodbye and good riddance, methinks.
Clearly HotelStayUK, who own Hotel Hippo, decided it was too daunting a task to fix the multitude of privacy and security problems – and so have just decided to call it quits.
HotelHippo has shut down and will not reopen. Our investigations showed that just 24 customers were affected by the issues with HotelHippo. This was a small very little used site. But for even one customer, it is obviously completely unacceptable and we are very sorry. We have therefore contacted all these customers and have offered them compensation. We have also set up a helpline where customers can contact us by calling 08446 606 007.
Security of our customers’ data is of the upmost importance to us. Despite there being no issues with our other sites, as the login process is quite different, as a precaution, we advised affected customers and took down all sites in the group one by one to put them through rigorous testing by independent experts to ensure their safety and security. These independent experts will be employed on an on-going basis to regularly test our sites.
One hopes that the other websites run by HotelStayUK are being carefully examined for their own security vulnerabilities and privacy holes, and will only return online once the company is confident that it has a handle on the situation.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.