Subj : Millions of hotel users see personal info checked out in huge dat
To   : All
From : TechnologyDaily
Date : Thu Jan 16 2025 16:00:05

Millions of hotel users see personal info checked out in huge data leak

Date:
Thu, 16 Jan 2025 15:45:15 +0000

Description:
A dataset containing the information of 24 million hotel users was discovered 
unsecured online.

FULL STORY
======================================================================CyberNew
s researchers have discovered a huge data leak The dataset contained the 
information of over 24 million customersIt likely belonged to hotel chain 
Honotel 

A leaked dataset which contained over 24 million hotel records has been 
discovered by CyberNews researchers , which included names, emails, phone 
numbers, and detailed stay information like arrival time, number of guests, 
and price paid. 

There are strong indications that the dataset belongs to Honotel Group, a 
French hospitality investment and management firm. 

The data specifically mentions SITE HONOTEL,  researchers confirmed, as well 
as booking platforms such as Booking.com - suggesting the leaked database 
might be part of Honotels booking management system. Guests at risk 

Researchers discovered the suspected Honotel leak on October 4, 2024, and the 
leak was closed by October 7 2024, so the organization at least acted quickly 
once the disclosure notice had been sent. 

Its not clear how long the data was available, or if threat actors discovered 
or stole anything, but the information was discovered on an unprotected 
Elasticsearch server and Kibana interface. 

This puts both the customer and the company at risk. For the customer, the 
risk when Personally Identifiable Information (PII) is compromised is the 
risk of fraud and identity theft , as malicious actors can use the data to 
take out loans, bank accounts, or even to develop social engineering attacks 
against the victims. 

For the company, much like the FTC fines, European firms face GDPR 
regulations which could see penalties of up to 4% of a companys global annual 
revenue if best security practices are not put in place to protect PII. 

This comes not long after major incidents led the FTC to order the Marriott 
and Starwood hotel chains to implement more robust security measures after 
344 million customers were left exposed in a massive data breach. Marriott 
systems were exposed for up to four years, earning the firm a $52 million 
penalty from the FTC in 2024. You might also like Check out our list of the 
best firewall software around today US state sues T-Mobile over 2021 data 
breach which leaked data of millions We've also rounded up the best antivirus 
on offer right now



======================================================================
Link to news story:
https://www.techradar.com/pro/security/millions-of-hotel-users-see-personal-in
fo-checked-out-in-huge-data-leak


--- Mystic BBS v1.12 A47 (Linux/64)
 * Origin: tqwNet Technology News (1337:1/100)

.