Thursday, March 4, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

700,000 Choice Hotels records leaked in data breach, ransom demanded

August 16, 2019
in Internet Security
700,000 Choice Hotels records leaked in data breach, ransom demanded
587
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

Five million Bulgarians get their data hacked (the country only has 7 million!)
Source of the data breach appears to be the country’s National Revenue Agency.

700,000 records belonging to Choice Hotels have reportedly been stolen with hackers demanding payment for their return. 

You might also like

Microsoft: We’re cracking down on Excel macro malware

Twitter and Twitch added to list of those concerned with Australia’s Online Safety Bill

Google patches actively exploited Chrome browser zero-day vulnerability

Comparitech, in collaboration with security researcher Bob Diachenko, found an unsecured database containing data belonging to the hotel franchise on July 2, 2019, after the database was indexed by the BinaryEdge search engine. 

The MongoDB database was available to the public with no password or authentication in play, leaving a total of 5.6 million records exposed. 

According to Choice Hotels, the bulk of the records was only test information, including the payment card, password, and reservation fields; however, 700,000 records were genuine and contained information on guests such as names, email addresses, and phone numbers. 

Diachenko made Choice Hotels aware of the security incident on the same day of his discovery. However, someone with less honorable intentions got there first. 

CNET: Microsoft says humans could be listening to your Skype calls

While investigating the database, the researcher found a ransom note. The message claimed that 700,000 records had been stolen and backed up elsewhere and demanded 0.4 Bitcoin (BTC), approximately $4,000 at the time of writing, from the owners.

It is possible that the note was placed there by an automated script hunting for public MongoDB databases and the researcher believes that the hackers may have intended to wipe the database after copying the data. 

This would have placed serious pressure on the vendor to pay up, but thankfully, the wipe failed. 

See also: Major biometrics data leak impacts UK Metropolitan Police, banks, enterprise companies

Database access was closed off on July 2 and it appears the system was exposed for a total of four days. Choice Hotels says the database, while linked to the firm, was operated by a partner vendor and no internal Choice Hotels servers were accessed. 

“The vendor was working with the data as part of a proposal to provide a tool,” a Choice Hotels spokesperson said. 

Due to the security lapse, the hotel franchise will not be working with the unnamed vendor in question. However, it did take a further nudge by Diachenko on July 28 for the company to commit to launching an investigation. 

It is not believed at this stage that any financial information or Social Security numbers were involved in the data breach, but this does not mean the apparent theft could impact customers. 

TechRepublic: Why adware and Trojans plague the education industry

The data stolen may end up being used in tailored phishing campaigns, for example, in which names and contact details will be used to make malicious messages appear genuine — either via email or text — for the purpose of grabbing more sensitive and valuable information. Increased levels of spam arriving in guest inboxes are also possible. 

“We are evaluating other vendor relationships and working to put additional controls in place to prevent any future occurrences of this nature,” Choice Hotels told Comparitech. “We are also establishing a Responsible Disclosure Program, and we welcome Mr. Diachenko’s assistance in helping us identify any gaps.”

Previous and related coverage


Have a tip? Get in touch securely via WhatsApp | Signal at +447713 025 499, or over at Keybase: charlie0


Credit: Zdnet

Previous Post

Why the Inverted Yield Curve Failed to Boost Bitcoin's Price

Next Post

Influencer Marketing Trends & Emerging Social Platforms

Related Posts

Microsoft: We’re cracking down on Excel macro malware
Internet Security

Microsoft: We’re cracking down on Excel macro malware

March 4, 2021
Twitter and Twitch added to list of those concerned with Australia’s Online Safety Bill
Internet Security

Twitter and Twitch added to list of those concerned with Australia’s Online Safety Bill

March 4, 2021
Google patches actively exploited Chrome browser zero-day vulnerability
Internet Security

Google patches actively exploited Chrome browser zero-day vulnerability

March 4, 2021
High severity Linux network security holes found, fixed
Internet Security

High severity Linux network security holes found, fixed

March 4, 2021
Google takes next steps towards ‘privacy-first’ web devoid of third-party cookies
Internet Security

Google takes next steps towards ‘privacy-first’ web devoid of third-party cookies

March 4, 2021
Next Post
Influencer Marketing Trends & Emerging Social Platforms

Influencer Marketing Trends & Emerging Social Platforms

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Microsoft: We’re cracking down on Excel macro malware
Internet Security

Microsoft: We’re cracking down on Excel macro malware

March 4, 2021
Extortion Gang Breaches Cybersecurity Firm Qualys Using Accellion Exploit
Internet Privacy

Extortion Gang Breaches Cybersecurity Firm Qualys Using Accellion Exploit

March 4, 2021
Could Privacy-Preserving, Machine-Learning Tools Recover Private Data? [STUDY]
Machine Learning

Could Privacy-Preserving, Machine-Learning Tools Recover Private Data? [STUDY]

March 4, 2021
Twitter and Twitch added to list of those concerned with Australia’s Online Safety Bill
Internet Security

Twitter and Twitch added to list of those concerned with Australia’s Online Safety Bill

March 4, 2021
Machine learning: is there a limit to technological patents in Brazil?
Machine Learning

The use of artificial intelligence in life sciences and the protection of the IP rights

March 4, 2021
CRM Shortcomings Leading to Lost Revenue
Marketing Technology

CRM Shortcomings Leading to Lost Revenue

March 4, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Microsoft: We’re cracking down on Excel macro malware March 4, 2021
  • Extortion Gang Breaches Cybersecurity Firm Qualys Using Accellion Exploit March 4, 2021
  • Could Privacy-Preserving, Machine-Learning Tools Recover Private Data? [STUDY] March 4, 2021
  • Twitter and Twitch added to list of those concerned with Australia’s Online Safety Bill March 4, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates