Ctrip fixes loophole on leaked data
Print Edition
CTRIP, China’s biggest online tourism site with over 140 million users, has fixed a loophole in its website where users’ payment information was leaked, the Nasdaq-listed company said yesterday.
WooYun.org, a website specializing in reporting loopholes, said at the weekend that it managed to download the credit card payment information, such as identity card numbers and bank card data, of 93 users from Ctrip.com, thereby exposing the loophole in the latter’s website. The users hold credit cards with China Merchants Bank.
Ctrip said yesterday that it conducted a thorough inspection and fixed the loophole.
“We found it was a temporary loophole that appeared during the debugging process,” Ctrip said.
It claimed that up to yesterday no user has reported any loss of money. But Ctrip promised to pay for possible losses, if needed.
“We solemnly promise that if users suffer losses due to future safety loopholes, Ctrip will compensate the full amount of losses,” the company said, adding that it has advised the 93 users to apply for a new card.
Shanghai-based Ctrip has created a special fund of 5 million yuan (US$820,000) to research online security enhancement.
Top dot-coms such as Baidu and Tencent have invested heavily in online tourism, which sparked concerns about the safety of credit card information bundled with online accounts and personal data.
The tourism industry was rocked previously when information regarding hotel bookings of several million people was spread online.
- About Us
- |
- Terms of Use
- |
-
RSS - |
- Privacy Policy
- |
- Contact Us
- |
- Shanghai Call Center: 962288
- |
- Tip-off hotline: 52920043
- 娌狪CP璇侊細娌狪CP澶05050403鍙-1
- |
- 浜掕仈缃戞柊闂讳俊鎭湇鍔¤鍙瘉锛31120180004
- |
- 缃戠粶瑙嗗惉璁稿彲璇侊細0909346
- |
- 骞挎挱鐢佃鑺傜洰鍒朵綔璁稿彲璇侊細娌瓧绗354鍙
- |
- 澧炲肩數淇′笟鍔$粡钀ヨ鍙瘉锛氭勃B2-20120012
Copyright 漏 1999- Shanghai Daily. All rights reserved.Preferably viewed with Internet Explorer 8 or newer browsers.
