A Japanese search engine for love hotels, HappyHotel, has disclosed a data breach that exposed sensitive user data.
ALMEX, the company behind HappyHotel, a search engine for finding and booking love hotels in Japan, released a statement announcing a data breach that potentially exposed highly sensitive customer information. Unauthorized access was detected on December 22, last year, and the website/service has since been suspended while the company investigates the incident and takes measures to prevent this from happening again. Loveinjapan.com, another website run by the same company, is also currently unavailable, but the notice does not mention a data breach, thus it is unclear whether it has been affected as well.
Love hotels are short-stay hotels operating with the purpose of providing guests privacy for sexual activities. They are particularly popular in Japan. Due to the nature of these hotels and the type of clients they attract, a data breach exposing clients’ personal information could have long-lasting, serious consequences.
The exposed data includes email address, login passwords, user names, birthdays, gender, state city. The company says information such as full name, home address, phone number, credit card data and confirmed reservation information has not been leaked. According to technology website ZDNet, the stolen data has not been leaked online. However, that does not eliminate the possibility that the people behind the breach will try to contact customers directly in order to blackmail them.
“We sincerely apologize for causing inconvenience or anxiety for our customers and other concerned parties, ” ALMEX has apologized for the incident and has warned users to be careful of phishing emails that may link to fake HappyHotel websites where users may be asked to put in their card information. Legitimate emails sent from the company will be sent from firstname.lastname@example.org and will not contain links to the website.