Airbnb Exposed Private Inboxes To Unrelated Accounts Due To Technical Glitch

Airbnb users faced a peculiar issue recently when they started seeing unrelated inboxes. It turns out that Airbnb inadvertently exposed private inboxes to other users because of a technical glitch.

Airbnb Exposed Private Inboxes

Lately, Airbnb users noticed some unrelated inboxes in their accounts after they logged-in. Specifically, those messages neither belonged to their accounts, nor the apartments.

The users could view other hosts’ data, including addresses, as well as the codes needed to step in a property. Whereas, with every refresh, they could view entirely new information of another unrelated account.

The glitch precisely affected the host accounts, after which, the users flooded the social media with complaints.

I am seeing other hosts messages [Bug? Security leak?] from AirBnB

Airbnb host login shows me other people’s inboxes from AirBnB

Users even confirmed about other hosts facing the same worldwide.

According to a user, upon contacting Airbnb support to report the matter, they received the advice to “clear cookies”. That too didn’t work. Other users also commented that they couldn’t get any help in this matter as the support agents confirmed things were fine at their end.

While the problem remained unclear initially, Airbnb later told ZDNet that it was a technical glitch. As per their statement,

On Thursday, a technical issue resulted in a small subset of users inadvertently viewing limited amounts of information from other users’ accounts.

The glitch happened on Thursday that affected desktop and mobile web platforms. The Airbnb mobile app, however, remained unaffected.

Bug Addressed

According to Airbnb, they identified the technical issue within an hour it happened. While the flaw exposed data to others, Airbnb confirmed no serious security threat as the other users could not modify the exposed information.

We fixed the issue quickly and are implementing additional controls to ensure it does not happen again. We don’t believe any personal information was misused and at no point was payment information accessible.

Hence, now, the Airbnb host accounts are safe.

Yet, it remains unclear if this data exposure would trigger any legal issues or not.

Let us know your thoughts in the comments.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients