Hack Notice

Hack Notice: HAPI Cloud

HAPI Cloud

Led by Noam Rotem and Ran Locar, vpnMentors research team discovered a cut in a database belonging to Autoclerk, a reservations management system owned by best Western Hotels and Resorts Group. Connected to various traveling and hospitality-related platforms online, the exposed database posed a peril to many parties. A few weeks prior to our team discovering the leak, Autoclerk was bought by best Western Hotel & Resorts Group, potentially exposing one of the biggest hotel chains in the world. The leak exposed sensitive personal data of users and hotel guests, along with a nail overview of their hotel and traveling reservations. in some cases, this included their check-in time and room number. It affected 1,000s of people across the globe, with millions of new records being added daily. The most surprising victim of this leak wasnt an individual or company: it was the US government, military, and department of Homeland Security (DHS). Our team viewed highly sensitive data exposing the personal details of government and military personnel, and their move arrangements to locations around the world, both past and future. This represented a massive hack of security for the government agencies and departments impacted. Timeline of discovery and Owner Reaction Sometimes, the extent of a data hack and the owner of the data are obvious, and the issuance quickly resolved. But rare are these times. Most often, we demand days of investigation before we realize whats at stakes or whos leaking the data. Understanding a nag and whats at stake takes careful attention and time. Some affected parties deny the facts, disregarding our search or playing down its impact. We need to be thorough and make sure everything we find is correct and true. We act hard on publishing accurate and trustworthy reports, to ensure everybody who reads them understands their seriousness. In this case, due to the number of external origin points and sheer size of the data exposed, the possessor of the database was unclear for a little while, but we suspected it belonged to Autoclerk for a number of reasons. Meanwhile, we have contacted the United States Computer emergency Readiness team (CERT). We outlined the nature of the leak, and the government, military, and DHS data that was exposed. However, at the time of publishing, they have not replied to our email, ignoring our concerns. September 13th: Database discovered September 13th: US CERT contacted, no response September 19th: US Embassy in Tel Aviv notified about the deficiency of CERT response September 26th: impinging made with representative of the Pentagon, who ensures the publication will live dealt with October 2nd: Database closed Examples of Entries in the Database The database was hosted by Amazon web Servers in the USA, containing over 179GB of data. Much of the data exposed originated from external trip and hospitality platforms using the database owners platform to interact with one another. The node platforms affected include dimension management systems (PMS), booking engines, and data services within the tourism and hospitality industries. Travel & Hospitality Platforms Affected Autoclerk is a combined reservations system for hotels, accommodation providers, travel agencies and more. Its features include server- and cloud-based Property management Systems (PMS), a web booking engine, Central Reservations Systems, and hotel PMS interfaces. For this reason, the database our team found was connected to myriad hotel and travel platforms. Some examples of the external client platforms compromised by the leak include: HAPI Cloud OpenTravel myHMS and CleanMeNext by Autoclerk Synxis by Sabre Hospitality Solutions While these platforms are mostly based in the US, the leak exposed users all over the world. Our team viewed many unencrypted login credentials to access accounts on additional systems external to the database, such as break PMS platforms, guest ratings & critique systems, and more. Personal & traveling data Exposed As the platforms exposed in this leak focused on travel and hospitality, the database contained 100,000s of booking reservations for guests and travelers. This meant the personal details of guests in accommodations using an affected platform were also exposed. The information of multitude making reservations exposed includes: Full name Date of birth Home address Phone number Dates & costs of travel Masked citation card details On certain reservations, once a guest had checked in to a hotel, their check-in time and room number also became viewable on the database. All this information is incredibly valuable for outlaw hackers and online thieves.

About HackNotice and HAPI Cloud

HackNotice is a service that notices trends and patterns in publically available data so as to identify possible data breaches, leaks, hacks, and other data incidents on behalf of our clients. HackNotice monitors data streams related to breaches, leaks, and hacks and HAPI Cloud was reported by one of those streams. HackNotice may also have the breach date, hack date, the hacker responsible, the hacked industry, the hacked location, and any other parts of the hack, breach, or leak that HackNotice can report on for the consumers of our product.

If you are a user of HAPI Cloud their products, services, websites, or applications and you were a client of HackNotice, monitoring for HAPI Cloud you may have been alerted to this report about HAPI Cloud . HackNotice is a service that provides data, information, and monitoring that helps our clients recover from and remediate data breaches, hacks, and leaks of their personal information. HackNotice provides a service that helps our clients know what to do about a hack, breach, or leak of their information.

If HAPI Cloud had a breach of consumer data or a data leak, then there may be additional actions that our clients should take to protect their digital identity. Data breaches, hacks, and leaks often conduct to and cause identicalness theft, account take overs, ransomware, spyware, extortion, and malware. account takeovers are often caused by credential reuse, watchword reuse, easily guessed passwords, and are facilitated by the sharing of billions of credentials and other customer information through data leaks, as the direct resultant of data breaches and hacks.

HackNotice monitors trends in publically available data that indicates tens of thousands of data breaches each year, along with billions of records from data leaks each year. On behalf of our clients, HackNotice works to monitor for hacks that top to depress node certificate and digital identities that make been exposed and should be considered vulnerable to attack. HackNotice workings with clients to describe the extent that digital identities have been exposed and provides remediation suggestions for how to handgrip each type of exposure.

HackNotice monitors the hacker community, which is a network of individuals that share data breaches, hacks, leaks, malware, spyware, ransomware, and many other tools that are often used for financial fraud, account submit overs, and further breaches and hacks. HackNotice monitors the hacker community specifically for breaches, hacks, and data leaks that ache consumers. HackNotice applies industry specific knowledge and advanced surety practices to monitor for trends that indicate breaches, hacks, and exposed digital identities.

HackNotice also enables clients to part jade notices with their friend, family, and collogues to help increase awareness around alleged hacks, breaches, or data leaks. HackNotice workings to supply clients with sharable reports to aid increase the surety of our clients personal network. The security of the people that our clients interact with directly impacts the rase of security of our clients. Increased photograph to accounts that get been taken over by hackers leads to further account make overs through phishing, malware, and other attach techniques.

If you found this cut note to be helpful, then you may be interested in reading some additional hack notices such as:

ch cost target a significant dip in profit, which dove an estimated 40 percent in the 4th quarter o or access to protected data transmitted, stored or otherwise processed. The notion of a trume important rights to monitor their medical records and receive notification for loss and unauthori

NordVPN and TorGuard VPN hacks: What You Need to Know - PCMag

Princeton Insurance Agency

Paragon Marketing Group