July 25, 2020

1025 words 5 mins read

Hotel booking firm exposes data on millions of guests

Hotel booking firm exposes data on millions of guests

Prestige Software, a hotel reservation platform used by Hotels.com, Booking.com, and Expedia, left data belonging to “millions” of guests exposed on a misconfigured Amazon Web Services (AWS) S3 bucket. According to Website Planet, the highly-sensitive information dates back as far back as 2013. It reports that the Spanish company, which sells a channel management platform called Cloud Hospitality

that allows hotels automate their availability on online booking websites, was storing years of hotel guest and travel agent data without any protection in place. SEE MORE Top 10 most embarrassing data breaches SEE MORE FOI requests reveal “thousands” of government data breaches SEE MORE Marriott International fined £18.4m for 2014 data breach As a result, Prestige Software exposed over 10 million individual log files in total. Each of these records exposed sensitive and personally identifiable information (PII), including names, email addresses, national ID numbers, phone numbers, reservation information, and credit card details, including CVV and expiration date. Website Planet reports that the S3 bucket contained over 180,000 records from August 2020 alone, despite global hotel bookings being at an all-time low for this period. However, it’s difficult to say how many people were affected due to the amount of data exposed. The report notes the actual number of people exposed could be much higher than the number of reservations logged as many of the data logs contained PII data for numerous people on one booking. While the scope of the data breach remains unknown, it could lead to all too common risks with hotel data exposures, such as credit card fraud, identity theft, and phishing scams. Perpetrators could even use the data to steal someone else’s reservation. Website Planet said the hole was closed a day after telling AWS about the exposure, adding that Prestige Software confirmed it was the owner of the data and the party responsible for the leak. Due to the fact that Prestige Software is based in Spain, with offices in Madrid and Barcelona, the company could face GDPR action as a result of the breach. If it failed to follow the strict rules set out within the legislation, which includes a requirement to report the breach within 72 hours, the company could be fined €20 million (about £18 million) or 4% of annual global turnover. Earlier this month, the Information Commissioner’s Office (ICO) hit Marriott International with an £18.4 million fine for a data breach that affected 339 million guest records worldwide.

Date: 2020-11-09

URL: http://feeds.itpro.co.uk/~r/ITPro/Today/~3/NvhQf9N4NtY/prestige-software-data-breach-millions-hotel-guests-exposed

itpro.co.uk

Is this the beginning of the end for Google? (2020-12-06) Over the next few years Google will face a massive uphill battle as it fights an antitrust lawsuit filed by the US Department of Justice in October It stands accused of a range of antitrust violations In a court filing the DoJ described Google as a monopoly gatekeeper and accused it of behaviours that deny rivals scale to compete effectively Officials say legal action will ensure the company doesn..
Microsoft Surface Laptop 3 15in review gallery (2020-12-02) The new embiggened version of Microsofts ultraportable is slickly designed but falls behind the 135in model in multiple metrics
Two thirds of UK organisations facing digital skills gap (2020-11-24) Over two thirds 69% of surveyed UK leaders believe that their organisation is currently facing a digital skills gap according to a new report conducted by Microsoft and Goldsmiths University of London Additionally 44% of the 600 leaders surveyed indicated that they fear the current lack of digital skills in their organisation will have a negative impact on their organisations success This feeling ..
Acer TravelMate P6 review gallery (2020-12-02) Acers machine is slim light and versatile but its only ordinary elsewhere
Ransomware remains the top cyber security risk for SMBs (2020-11-17) Ransomware still poses the biggest malware threat to small and medium-sized businesses SMBs cloud cyber security providerDattohas found The findings are part of Dattos fifth annual Global State of the Channel Ransomware Report which surveyed more than 1000 MSPs on trends driving ransomware breaches as well as the impactCOVID-19has had on SMB security SEE MORE UK ransomware attacks surged 80% in la..
Web Summit 2021 to be held in-person, organiser confirms (2020-11-26) The Web Summit conference is to return to Lisbon as an in-person conference in 2021 according to its founder The event which is one Europes largest technologyconferences is due to be held virtually next weekafter beingforced to move online during the pandemic SEE MORE Non voyage: Coronavirus Brexit and the future of business travel SEE MORE CES 2021 will be a digital-only event SEE MORE How to hos..
Cosmo Communicator review gallery (2020-12-02) Planet Computers phone-laptop hybrid will be loved in certain circles
17 Windows 10 problems - and how to fix them (2019-11-04) Windows is the best-selling and most popular operating system in the world In the last forty years the OS has been central to both business and consumer computing as the glue to run various computing functions for many Most people whether at work or at home have used a version of Windows in one form or another The Microsoft system is almost everywhere barring MacOS and Linux The latest version Win..
Salesforce escalates Microsoft rivalry with £20.7bn Slack acquisition (2020-12-02) Salesforce has agreed to buy workplace messaging platform Slack in a deal worth $277 billion 207 billionthe largest acquisition in the cloud giants history Under the terms of the deal Slack will now operate as a Salesforce company but it will still be led by CEO Stewart Butterfield SEE MORE Microsoft makes CRM a priority in bid to challenge Salesforce SEE MORE Salesforce to create new 12000 jobs o..
Brother HL-J6100DW review: An excellent choice - if you’re not in a hurry (2020-11-04) The HL-J6100DW is larger than your average desktop inkjet but thats because it can turn out A3 prints just as happily as A4 Thats a handy trick and while the 322 price tag isnt the lowest weve seen its a lot cheaper than most A3 lasers Running costs are low too: the printer ships with standard high-yield ink cartridges which print a mono page for a penny and a colour one for 5p When these are exha..