When it comes to protecting user data, there’s personal information and then there’s, ahem, personal information. And, while one would have thought all software startups understand the importance of cyber security by now, that should be especially true of those working in the extramarital sex space.
But, alas, Japanese startup HappyHotel, a search engine for finding and booking rooms in so-called ‘love hotels’ has found itself the victim of a hack that’s caused it to head offline and cease all operations.
The hack occurred on December 22, and the site’s homepage has now been replaced with a notice about the breach.
The notice suggests a third party has been able to access the emails, usernames and passwords of HappyHotel users, as well as their date of birth, sex and city.
It is also possible that users’ first and last names, phone numbers and credit card information could have been accessed.
HappyHotel connects couples with love hotels, allowing them to seamlessly book hotels for as little as an hour.
But it’s not only the domain of sex workers and cheating spouses; these hotels are also reportedly often used by couples who just can’t wait to get home, or even by the odd businessperson in need of a nap.
But even so, it’s a serious breach, with seriously identifiable information potentially exposed.
Equally, it’s easy to draw parallels with the infamous Ashley Madison data breach of 2015. At the time, users found themselves targeted with blackmail and extortion after their details were leaked.
In the case of HappyHotel, it doesn’t look like any data has been released, yet. But this is the kind of business where customer privacy is paramount, and whatever the fallout, let it be a word of warning to other startups holding sensitive customer data.