|Ctrip faces potential hackers risk.|
Monday, 24th March 2014
Source : Ctrip.com International, Ltd.
Ctrip.com International, Ltd issued this press release in response to a recent incident related to Ctrip's information security.
In the evening of March 22, 2014, a third party website with focus on internet security information exchange, released news that as a result of a temporary testing function performed by Ctrip, certain data files containing customers' credit card information had been stored on local servers maintained by Ctrip, which may lead to potential exposure of these customers' information to hackers.
Shortly after the news was released, Ctrip conducted a thorough internal check and removed the cause of the potential security concern within two hours. Ctrip also issued public statements in China related to the incident, including providing dedicated telephone lines for any customers who have questions or inquiries to call.
Ctrip has examined all other possible leaks and found that 93 customers' credit card information might have been downloaded by the above-mentioned website for the purpose of confirming potential risks. Ctrip's customer service team has proactively reached out to all 93 customers to help them minimize potential risks.
To the Company's knowledge, no customer has suffered financial loss or other damage due to the incident. Ctrip is also making efforts to ensure all customer information will be safeguarded by the Company with high security standards.
For the maximum protection of customer information, Ctrip will invite the security white hat to work together with the Company to improve its information security system. Ctrip has also established the Expedite Security Responding System through the site sec.ctrip.com and set up an RMB5 million security reserve fund to reward people and institutions who can effectively help Ctrip improve the security practice.
In addition, Ctrip will engage trusted authorities to perform extensive security audit to reassure high security standards in safeguarding customer information.