Airbnb hosts last week reported a series of privacy breaches happening within the app, allowing them to see the private inboxes of other users. This highly sensitive information included people’s addresses and the codes to their properties.
The issue appears to be occurring worldwide and poses a major security issue.
Ray Walsh, digital privacy expert at ProPrivacy, says the breach is putting hosts and consumers at huge amounts of risk.
“It seems clear that the leak is going to cause a lot of upheaval for Airbnb hosts, who will need to update the codes to their homes in order to secure them and ensure they are not potentially at risk of burglary,” he says.
“It is vital for Airbnb to fix whatever is causing the problem right away. Early reports appear to indicate that Airbnb is telling hosts to clear their cookies in order to fix the problem. This is not a suitable response because the onus should not be on consumers to fix Airbnb’s mistake.”
Walsh says some hosts are reporting having access to a different inbox each time they log back in, meaning that Airbnb’s customer support advice is actually compounding the issue.
“It will now be necessary to launch a full investigation into the leak to ascertain how and why it occurred, and to figure out what culpability Airbnb should face for having caused such and dangerous data leak.”
He warns this could lead to massive fines under GDPR in Europe as well as from the Federal Trade Commission in the USA.
“It is worth noting that GDPR alone sets a maximum fine of €20 million or 4% of annual global turnover – whichever is greater – for infringements, meaning this could prove to be very costly indeed for Airbnb.”
Hospitality business expert and founder of booking site Boostly Mark Simpson, wasted no time weighing in: “It is shocking to see accommodation hosts’ data revealed,” he said. “Not only that but I could see other hosts sensitive information including passwords, phone numbers and key access codes for their units. A global company should take better care of their paying hosts and guests.”