---
layout: default
title: "Centaur Website Reveals Guests' Personal Info"
description: "An Economic Times report on a major data leak from the Centaur Hotels website, exposing sensitive identity documents of guests and raising questions of privacy, liability and IT Act compliance."
categories: [Media mentions]
date: 2011-06-20
source: "The Economic Times"
authors: ["Shilpa Phadnis"]
permalink: /media/centaur-website-reveals-guests-personal-info/
created: 2025-12-10
---

**Centaur Website Reveals Guests' Personal Info** is a report published in *The Economic Times* on 20 June 2011. The story highlights a significant lapse in data security on the Centaur Hotels website, which exposed sensitive personal information including passports, driving licences, PAN numbers and credit card details of guests. The article also includes expert comments from Sunil Abraham, who explains the privacy implications and liabilities under Section 43 of the IT Act. This *Economic Times* article story originally appeared in [*The Times of India*](/media/centaur-website-reveals-guests-personal-info-times-of-india/) on the same date.

## Contents

1. [Article Details](#article-details)  
2. [Full Text](#full-text)  
3. [Context and Background](#context-and-background)  
4. [External Link](#external-link)

## Article Details

<dl class="media-details">
  <dt>📰 Published in:</dt>
  <dd><em>The Economic Times</em></dd>

  <dt>✍️ Author:</dt>
  <dd>Shilpa Phadnis</dd>

  <dt>📅 Date:</dt>
  <dd>20 June 2011</dd>

  <dt>📄 Type:</dt>
  <dd>News Report</dd>

  <dt>📰 Newspaper Link:</dt>
  <dd>
    <a class="btn" href="https://economictimes.indiatimes.com/industry/services/hotels-/-restaurants/centaur-website-reveals-guests-personal-info/articleshow/8921496.cms">Read Online</a>
  </dd>
</dl>

## Full Text

<div class="highlighted-text" id="fulltext">

<p><strong>Synopsis</strong><br>
The Centaur Hotels' website, centaurhotels.com, appears to have compromised personal information of its hotel guests.</p>

<p><strong>BANGALORE:</strong> The Centaur Hotels' website, centaurhotels.com, appears to have compromised personal information of its hotel guests, in what seems to be a case of poor internet security protocols implemented by the site. This allowed website visitors on Saturday to obtain and view details of passports, driving licences, pan numbers, credit cards, and other forms of personal identification provided by its guests.</p>

<p>Centaur Hotels, a unit of the Hotel Corporation of India (HCI), is a wholly-owned subsidiary of the National Aviation Company of India that runs national carrier Air India. It runs a hotel near the Delhi international airport and another in Srinagar.</p>

<p>Around 52 scanned copies of passports of people of different nationalities, pan card details of Indian guests and driving licences were visible on the site. The page was taken down when the issue was brought to their notice. Various online facilities such as reservation are not available now. But TOI has screen shots of some of the documents. When contacted, Centaur marketing head Pradeep Garg said, "We will look into the matter. Please lodge a formal complaint. We don't have an online payment system, hence we don't collect any identification proof."</p>

<p>Centaurhotels.com shows the site manager as Capt Samarth Singh, who is the chief executive of a consultancy firm called Hybrid Content. But Singh said that for the past one year, the site was under the jurisdiction of a website developer in Mumbai, S Naidu. "We will, however, clarify to both the parties - Naidu and Centaur Hotels," Singh said.</p>

<p>He said he had sent requests to Centaur Hotels to remove his name from the hotel portal as his contract had ended. Hybrid held the contract from December 2008-April 2010. It has won the mandate to manage the site from June 1. "But the domain is not within my reach. It is still with the old registrar," Singh said.</p>

<p>Sunil Abraham, executive director of Centre for Internet and Society, said personal information leaked online is a breach of privacy. "Anybody collecting passport and credit card details has to follow security policies. According to Sec 43 of the IT Act 2000, the hotel shall be liable to pay damages not exceeding Rs 1 crore to every individual so affected."</p>

</div>

<button class="copy-btn-full" data-copytarget="#fulltext">Copy Full Text</button>

{% include back-to-top.html %}

## Context and Background

This article captures one of the early publicised cases of a major data breach in India's hospitality sector. Long before data protection frameworks were widely discussed, the Centaur Hotels incident revealed how poorly implemented websites could expose highly sensitive identity documents of guests.

The episode illustrates the risks associated with inadequate security practices, weak vendor oversight and fragmented responsibility for digital infrastructure. Sunil Abraham's remarks place the breach in the context of Section 43 of the IT Act, underscoring that entities handling personal data can face significant financial liability for negligence. The article also hints at deeper systemic issues: the absence of standardised security protocols, unclear accountability between contractors and owners, and the lack of regulatory enforcement mechanisms at the time.

## External Link

- <a href="https://economictimes.indiatimes.com/industry/services/hotels-/-restaurants/centaur-website-reveals-guests-personal-info/articleshow/8921496.cms">Read on The Economic Times</a>

<style>
.media-details {
  background: #f9fbfe;
  border: 1px solid #d8e2f0;
  border-radius: 10px;
  padding: 1.2rem 1.4rem;
  max-width: 700px;
  margin: 1.2rem auto;
  font-size: 0.96rem;
  line-height: 1.5;
  color: #333;
  box-shadow: 0 2px 4px rgba(0,0,0,0.04);
}
.media-details dt { font-weight: 600; color: #1b2a49; margin-top: 0.7rem; }
.media-details dd { margin: 0 0 0.3rem 0.3rem; color: #555; }
.highlighted-text {
  background-color: #fffbea;
  border-left: 4px solid #f2ce61;
  padding: 1rem 1.2rem;
  border-radius: 8px;
  line-height: 1.65;
  color: #333;
  margin-bottom: 0.8rem;
}
.highlighted-text p { margin-bottom: 1rem; }
.copy-btn-full {
  display: inline-block;
  background: #f1f1f1;
  border: 1px solid #ccc;
  font-size: 0.85rem;
  padding: 0.4rem 0.8rem;
  border-radius: 6px;
  cursor: pointer;
  transition: background 0.2s ease;
  margin-bottom: 1.5rem;
}
.copy-btn-full:hover { background: #e5e5e5; }
.copy-btn-full:focus { outline: 3px solid #ffbf47; outline-offset: 2px; }
</style>

<script>
document.addEventListener('DOMContentLoaded', () => {
  document.querySelectorAll('.copy-btn-full').forEach(btn => {
    btn.addEventListener('click', async () => {
      const target = document.querySelector(btn.getAttribute('data-copytarget'));
      if (!target) return;
      try {
        await navigator.clipboard.writeText(target.innerText.trim());
        const original = btn.textContent;
        btn.textContent = 'Copied!';
        setTimeout(() => (btn.textContent = original), 1500);
      } catch (e) {
        btn.textContent = 'Copy failed';
        setTimeout(() => (btn.textContent = 'Copy Full Text'), 1500);
      }
    });
    btn.addEventListener('keydown', (ev) => {
      if (ev.key === 'Enter' || ev.key === ' ') {
        ev.preventDefault();
        btn.click();
      }
    });
  });
});
</script>