A Vietnamese traveler has been startled to find out that his personal information, including the highly confidential credit account number, had been leaked after making reservations via hotel booking sites.
Users of popular hotel booking sites including Booking.com and Agoda are now concerned over the safety of their personal information after a shocking discovery of a local vacationer.
Vu Hien, a resident of Ho Chi Minh City, recalled the incident in mid-January, when he booked a hotel for his trip to Phu Quoc, a famous tourist island off the southern province of Kien Giang, via Agoda.
After choosing the room, Hien was required to enter his visa account number as confirmation, although he opted to pay at the hotel.
Believing that Agoda would “safeguard and encrypt” users’ credit card information as the website promises, Hien followed the instruction without hesitation.
“I chose to pay at the hotel. The money in my account was insufficient to pay for the room,” the man added.
Everything seemed to be completely fine until Hien checked-in at his resort, when the receptionist took out the piece of paper containing the information of his reservation.
The vacationer glanced at the paper and noticed the important data of his credit card, including the card number, name of the holder, verification code (CVC), and expiration date.
The resort employee later told Hien that the information was provided by Booking.com.
It is extremely risky to disclose such confidential details, Hien stated, adding that bad people could take advantage of the carelessness.
It is also difficult to determine who is to blame if something goes wrong, he said.
“With such information, anyone can use my credit account to pay for their online purchases," Hien asserted.
It is understandable that credit card information is necessary to make online hotel reservation, he remarked, adding that Agoda or other booking sites are responsible for safeguarding those details.
Replying to Hien’s complaint email, a representative from Agoda stated the site has been cooperating with its sister company, Booking.com, adding that both firms offer credit card details to their partners to guarantee the booking.
According to the agreement, the information will not be leaked to unauthorized parties or no action will be taken that compromises the security of users’ credit accounts, the representative continued.
A director of a travel agent stated that credit card information is mandatory to make sure that the reservation is real.
If customers do not show up or have enough cash, the payment will be made via the provided credit account.
During an interview with Tuoi Tre (Youth) newspaper, a representative from Booking.com asserted that customers’ information provided to partner hotels is secured with two-factor authentication.
The hotels are responsible to follow their business protocol which is designed to protect users' personal information.
“In rare cases where our partners do not comply with the protocol, such as this one, we will carry out a prompt investigation,” the representative stated.