Crown Plaza Venice hotel booking fiasco could have been avoided

San Mateo, CA, (PresseBox) - Web site code auditing could have avoided the 90,000 pound online booking loss incurred by the Intercontinental Hotels Group, says Fortify, the application vulnerability specialist.

Richard Kirk, Fortify's European Director, said that the online booking fiasco - in which rooms at the Crown Plaza Venice East Quarto D'Altino hotel were sold for pennies - has lost the group tens of thousands of pounds.

"Rooms, which normally cost between up to 150 pounds a night at the four star hotel in Venice, have been booked by savvy Internet punters, most of whom are well aware of the law of contract," he said.

"After the company initially blamed the fiasco on hackers, they quickly realised their own coding and data mistake - and are now effectively locked into completing the contract with customers," he added.

Kirk says that the incident, which will cause a hole in the hotel's annual profits, could have been avoided if the hotel group - or its booking IT services provider - had used standard code auditing techniques on the Web site server system and its allied data.

Standard auditing techniques that look for non-standard patterns in bookings, as well as erroneous low or high value card authorisations, would have picked up this anomaly, he explained

According to Kirk, because of these failings in the audit process, more than 5,000 bookings were reportedly made within hours of the one pence rate being offered on the Crown Plaza Web site.

"The irony of the situation is that the hotel - and the Intercontinental Hotels Group - will probably gain in the publicity stakes, but this is an expensive way to learn that your Web site code auditing and allied safeguards have failed you," he said.

"Coming in the wake of a 40 per cent slump in first half year profits for the group, the IT director is probably not going to be too popular in the company boardroom," he added.

For more on the Crown Plaza Venice hotel fiasco: http://preview.tinyurl.com/oj3c54

For more on Fortify Software: http://www.fortify.com

Press releases you might also be interested in

Weitere Informationen zum Thema "Sicherheit":

Mobile Nutzung von SAP effektiv absichern

Un­ter­neh­men, die auf Mo­bil­ge­rä­ten kri­ti­sche Da­ten aus SAP-Sys­te­men zu­gäng­lich ma­chen, müs­sen sie zu­ver­läs­sig vor Ver­lust und Miss­brauch schüt­zen. SAP bie­tet für die Ab­si­che­rung mo­bi­ler Ge­rä­te, Apps, Da­ten und Do­ku­men­te di­ver­se Lö­sun­gen. Die mo­bi­le Si­cher­heit darf hier­bei aber nicht iso­liert be­trach­tet wer­den. Sie ist ein Bau­stein in ei­nem ganz­heit­li­chen IT-Si­cher­heits­kon­zept, das die Be­rei­che Or­ga­ni­sa­ti­on, Tech­no­lo­gie und Men­schen um­fasst.

Weiterlesen

Subscribe for news

The subscribtion service of the PresseBox informs you about press information of a certain topic by your choice at a choosen time. Please enter your email address to receive the email with the press releases.

An error occurred!

Thank you! You will receive a confirmation email within a few minutes.


I want to subscribe to the gratis press mail and have read and accepted the conditions.