Hack Notice

Hack Notice: OpenTravel

OpenTravel

Source
https://www.vpnmentor.com/blog/us-travel-military-leak/
Description
Led by Noam Rotem and Ran Locar, vpnMentors search team discovered a jade in a database belonging to Autoclerk, a reservations management system owned by best Western Hotels and Resorts Group. Connected to various travel and hospitality-related platforms online, the exposed database posed a risk to many parties. A few weeks prior to our team discovering the leak, Autoclerk was bought by best Western Hotel & Resorts Group, potentially exposing 1 of the biggest hotel chains in the world. The leak exposed sensitive personal data of users and hotel guests, along with a complete overview of their hotel and travel reservations. In some cases, this included their check-in time and room number. It affected 1,000s of people across the globe, with millions of new records being added daily. The most surprising victim of this leak wasnt an individual or company: it was the US government, military, and Department of homeland surety (DHS). Our team viewed highly sensitive data exposing the personal details of governing and military personnel, and their move arrangements to locations around the world, both past and future. This represented a massive hack of security for the government agencies and departments impacted. Timeline of find and Owner Reaction Sometimes, the extent of a data hack and the owner of the data are obvious, and the egress quickly resolved. But rare are these times. Most often, we demand days of investigation before we understand whats at bet or whos leaking the data. Understanding a cut and whats at bet takes careful attention and time. Some affected parties deny the facts, disregarding our search or playing down its impact. We need to be thorough and make sure everything we find is correct and true. We work hard on publishing accurate and trustworthy reports, to ensure everybody who reads them understands their seriousness. In this case, due to the number of external origin points and sheer size of the data exposed, the owner of the database was unclear for a little while, but we suspected it belonged to Autoclerk for a number of reasons. Meanwhile, we hold contacted the United States Computer emergency Readiness Team (CERT). We outlined the nature of the leak, and the government, military, and DHS data that was exposed. However, at the time of publishing, they make not replied to our email, ignoring our concerns. September 13th: Database discovered September 13th: US CERT contacted, no response September 19th: US Embassy in Tel Aviv notified about the deficiency of CERT response September 26th: contact made with representative of the Pentagon, who ensures the emerge will be dealt with October 2nd: Database closed Examples of Entries in the Database The database was hosted by Amazon web Servers in the USA, containing over 179GB of data. Much of the data exposed originated from external travel and hospitality platforms using the database owners platform to interact with one another. The client platforms affected include property management systems (PMS), booking engines, and data services within the tourism and hospitality industries. Travel & Hospitality Platforms Affected Autoclerk is a combined reservations system for hotels, accommodation providers, travel agencies and more. Its features include server- and cloud-based Property management Systems (PMS), a web booking engine, central Reservations Systems, and hotel PMS interfaces. For this reason, the database our team found was connected to myriad hotel and travel platforms. Some examples of the external client platforms compromised by the leak include: HAPI Cloud OpenTravel myHMS and CleanMeNext by Autoclerk Synxis by Sabre Hospitality Solutions While these platforms are mostly based in the US, the leak exposed users all over the world. Our team viewed many unencrypted login credentials to access accounts on additional systems external to the database, such as separate PMS platforms, guest ratings & retrospect systems, and more. Personal & move data Exposed As the platforms exposed in this leak focused on traveling and hospitality, the database contained 100,000s of booking reservations for guests and travelers. This meant the personal details of guests in accommodations using an affected platform were also exposed. The information of people making reservations exposed includes: Full name Date of birth Home address Phone number Dates & costs of travel Masked credit card details On certain reservations, once a guest had checked in to a hotel, their check-in time and room number also became viewable on the database. All this information is incredibly valuable for criminal hackers and online thieves.

About HackNotice and OpenTravel

HackNotice is a service that notices trends and patterns in publically available data so as to identify possible data breaches, leaks, hacks, and other data incidents on behalf of our clients. HackNotice monitors data streams related to breaches, leaks, and hacks and OpenTravel was reported by one of those streams. HackNotice may also have the breach date, hack date, the hacker responsible, the hacked industry, the hacked location, and any other parts of the hack, breach, or leak that HackNotice can report on for the consumers of our product.

If you are a user of OpenTravel their products, services, websites, or applications and you were a client of HackNotice, monitoring for OpenTravel you may have been alerted to this report about OpenTravel . HackNotice is a service that provides data, information, and monitoring that helps our clients recover from and remediate data breaches, hacks, and leaks of their personal information. HackNotice provides a service that helps our clients know what to do about a hack, breach, or leak of their information.

If OpenTravel had a breach of consumer data or a data leak, then there may be additional actions that our clients should take to protect their digital identity. data breaches, hacks, and leaks often direct to and reason identity theft, account take overs, ransomware, spyware, extortion, and malware. account takeovers are often caused by credential reuse, password reuse, easily guessed passwords, and are facilitated by the sharing of billions of credentials and other customer information through data leaks, as the direct result of data breaches and hacks.

HackNotice monitors trends in publically available data that indicates tens of thousands of data breaches each year, along with billions of records from data leaks each year. On behalf of our clients, HackNotice works to monitor for hacks that lead to lower client security and digital identities that have been exposed and should live considered vulnerable to attack. HackNotice works with clients to identify the extent that digital identities hold been exposed and provides remediation suggestions for how to handgrip each type of exposure.

HackNotice monitors the hacker community, which is a network of individuals that share data breaches, hacks, leaks, malware, spyware, ransomware, and many other tools that are often used for financial fraud, account take overs, and further breaches and hacks. HackNotice monitors the hacker community specifically for breaches, hacks, and data leaks that ache consumers. HackNotice applies industry specific knowledge and advanced surety practices to monitor for trends that point breaches, hacks, and exposed digital identities.

HackNotice also enables clients to share jade notices with their friend, family, and collogues to help increase sentience around alleged hacks, breaches, or data leaks. HackNotice works to provide clients with sharable reports to assist increase the security of our clients personal network. The certificate of the people that our clients interact with directly impacts the level of surety of our clients. Increased exposure to accounts that experience been taken over by hackers leads to further account take overs through phishing, malware, and other attach techniques.

If you found this hack notice to be helpful, then you may be interested in reading some additional hack notices such as:

ent's economic impact canful be constructed by using the security prices observed over a relatively shoential scathe to private citizens, and the publicity around such an event may live more damaging than e most expensive today. It may lower the price of its skill by Verizon by $1 billion. Verizon

Sabre Hospitality Solutions

Jack Henry discloses data hack at acquired company - Springfield Business Journal

Defacement http://www.casadosfiltros.com/