According to reports, the Californian Silicon Valley online portal Airbnb is struggling with enormous security problems.
On Thursday, Reddit was inundated with reports from Airbnb hosts asking about the sudden appearance of inboxes that did not belong to them when they logged on to the service.
Access to foreign inboxes
According to messages from other hosts, the mailboxes of hosts that have rented rooms, apartments or houses through the portal are displayed. Personal data should also be shown here. The hosts can see the host names, profile pictures, booking income, number of bookings from the last 30 days and even the access codes to enter the rented property.
One user reported that he cannot access his own inbox, but he can access hundreds of other hosts that are not his.
Another Reddit user claims that an Airbnb representative on the phone recommended “delete his cookies” or use a different browser. In some cases the problem was prevented by logging out and logging in again, but this does not affect all cases currently reported online. However, this does not solve the problem, more importantly it will be passed on to the users. According to further reports, logging back on allows access to another inbox of a foreign host. data protectionist Ray Walsh of ZDnet criticized that this only makes the whole problem worse.
Guest accounts
The guest accounts at Airbnb did not seem to be affected by this problem. However, if guest information is stored on a host, it may be possible to view it. The extent of the data leakage is not yet known. The reason for the release of inboxes of foreign hosts is also still unknown.
Airbnb
Airbnb said: “On Thursday, a technical problem caused a small group of users to inadvertently display limited amounts of information from other users’ accounts”. “We quickly fixed the problem and are implementing additional controls to ensure that it does not recur. We do not believe that personal information has been misused and payment information was never available at any time.
