In a statement to the BBC the company said:
“We confirm that we have taken down the HotelHippo.com website to take some urgent action to deal with a technical situation.Privacy of customer data is our prime concern, and we are committed to ensuring this safety.”
The IC opened an investigation on Tuesday……”We will be looking into the matter to establish the full details,”
http://www.bbc.co.uk/news/technology-28107277
Breach of princple seven of the Data Protecton Act 1998
Everyone in business is responsible for using data and has to follow strict rules called ‘data protection principles’.
You must make sure the data you use is
1. used fairly and lawfully
2. used for limited, specifically stated purposes
3. used in a way that is adequate, relevant and not excessive
4. accurate
5. kept for no longer than is absolutely necessary
6. handled according to people’s data protection rights
7. kept safe and secure
8 not transferred outside the UK without adequate protection
There is stronger legal protection for more sensitive information, such as the ethnic, political, religous beliefs, health or sexual or criminal records.