Dealing With a Data Breach Hitting 8 Major Hotel Booking Sites
An inadequately secured Amazon Web Services (AWS) server left over 10 million hotel booking logs exposed from multiple Cloud Hospitality websites, potentially putting millions of guests at risk. The server is now secure and there is no evidence that the data is being misused (yet), but the information is sensitive enough that anyone who has used one of the following hotel websites since 2013 should be extra vigilant about their data in future:
- Agoda
- Amadeus
- Booking.com
- Expedia
- Hotels.com
- Hotelbeds
- Omnibees
- Sabre
The AWS server held over 10 million logs, although the Website Planet security team says the number of affected guests could be even higher, as some logs cover multiple people. These logs contain:
- Guest names, email addresses, personal identification numbers (such as passport or driver’s license number), and telephone numbers.
- Guest payment methods and billing information, including all credit card details (card number, CVV, expiration date, etc.)
- Details of guests’ bookings, including number of nights, prices and any special requests made during their stay.
What you need to do to keep your data safe
The affected Cloud Hospitality server stored information on millions of guests from around the world, but there is no evidence so far that this information has ever been accessed by attackers. There is also no evidence of fraud or attempted identity theft against any of the individuals affected by the leak.
However, this leak must be taken seriously.
The common risks apply, including increased exposure to phishing, malware and ransomware attacks, financial fraud, and identity theft. Less traditional types of fraud are also possible, such as manipulating or canceling active bookings. Here’s what you need to do to keep yourself safe:
- Change your passwords and start using an encrypted password manager (some might even keep your payment information safe in the event of a leak like this). While it doesn’t look like any passwords were leaked through this insecure server, it never hurts to be extra careful.
- Enhance account security with two-factor authentication.
- Monitor your credit card statement for unusual activity over the next few months. If possible, set up fraud alerts so you don’t miss any unusual charges.
- Be aware of phishing attacks and links to malware in your email inbox, especially if they involve hotel stays (or any website affected by this breach). The best solution is to never follow unknown links or download email attachments.
- Check for sudden, unexpected changes to your upcoming hotel reservations or unauthorized use of hotel awards.
- If you are contacted by unknown “travel agents” offering special offers, avoid them entirely. Likewise, never confirm or disclose financial information to anyone who calls you or sends you an email in connection with potential fraud or service interruption; instead, call them yourself to make sure the request is legitimate.