User data, of the thousands of guests, at hotels from all over the world was stolen from a Paris based firm, FastBooking, which deals in Hotel booking software, on June 14 2018. The company sells its software to more than 4000 strategic partner hotels in about 100 countries with around 1.2 million transactions annually and about 10 million server requests on their CRS servers each day.
This Hotel Data breach was detected by the FastBooking employees after about 5 days, on June 19 2018. The malware tool installed in the servers by the attacker(s) allowed them remote access to the FastBooking servers. The attacker(s) had gained access by exploiting a vulnerability in an application that was hosted on the FastBooking servers. The attacker(s) then installed a malware tool to gain access and steal the data of hundreds of thousands of users. The data contained personal details and banking card details of the guests who had stayed at the strategic partner hotels which are currently using the FastBooking software for their hotels.
In a more detailed analysis, at the time, by FastBooking, it was found that the attacker(s) had targeted guests’ first names, home address, nationality, e-mail address and hotel check-in, & check-out details.
The attacker(s) had managed to obtain personal banking card details of some of the customers from the servers that had this data stored on them. It contained holder’s name on the card, expiration date and the card’s number.
Read Full Article
In a more detailed analysis, at the time, by FastBooking, it was found that the attacker(s) had targeted guests’ first names, home address, nationality, e-mail address and hotel check-in, & check-out details.
The attacker(s) had managed to obtain personal banking card details of some of the customers from the servers that had this data stored on them. It contained holder’s name on the card, expiration date and the card’s number.
Read Full Article
No comments:
Post a Comment