Date
22 September 2017

Loopholes force Ctrip to stop saving user card info, paper says

Ctrip will stop saving users’ credit card verification (CCV) information online after system loopholes were discovered on the travel website that led to the leak of user information, Shanghai Daily reported Wednesday. The Shanghai-based firm, which operates China’s biggest tourism website with more than 140 million users, said Tuesday that security concerns have prompted it stop saving the CCV numbers printed on credit cards and delete previous data stored in its servers, the paper noted. The move came after WooYun.org, a website specializing in reporting loopholes, said over the weekend that it had managed to download the credit card payment information, such as identity card numbers, bank card data and CCV information, of 93 users from Ctrip.com, exposing loopholes on the latter’s website, it said. The users are said to have held credit cards issued by China Merchants Bank.

– Contact HKEJ [email protected]

SK/RC

EJI Weekly Newsletter

Please click here to unsubscribe