We were recently alerted to a flaw on KAYAK, which could have allowed a third party to see some hotel transaction information by matching a last name with the last four digits of a stored credit card.
This flaw left the potential for someone to view other people’s customer contact info and dates of travel. We were able to fix this problem within a few hours of it first being reported.
No confidential credit card or payment data was exposed, and there was no systematic access.
We apologize for this error, and I am personally reviewing our technology and processes to minimize the chance of anything like this happening again.
KAYAK CTO & Cofounder
Questions? Send us feedback or email .