Ahead of the Bell: Ctrip.com

AP News
Posted: Mar 24, 2014 10:38 AM

NEW YORK (AP) — The Chinese travel site Ctrip.com has become the latest company to suffer from questions about data security.

Shares fell 4 percent before markets opened Monday after it revealed that an outside security website had shown a temporary testing function performed by China's largest online travel agency allowed files containing customer credit card information to be stored on its local servers, leaving that information vulnerable to hackers.

The company closed the security gap within hours, it said, but found that the credit card information of 93 customers could have been downloaded by the outside website, reportedly China's WooYun.org, for the purpose of demonstrating the potential risk.

Ctrip said it has contacted all 93 customers to help them minimize potential risks. To its knowledge, no customer has suffered financial loss or other damage due to the incident, the company said.

Consumer sensitivity about data breaches has intensified in the wake of incidents and major U.S. corporations.

Those incidents include breaches at Target Corp. and Neiman Marcus. The Target incident compromised 40 million credit and debit cards and personal information of up to 70 million customers. At Neiman Marcus, its breach may have compromised 1.1 million debit and credit cards.

In premarket trading, Ctrip's U.S. shares fell $1.89 to $47.60.