Ten million customers’ personal data exposed by booking software glitch

Sunday, 10 Nov, 2020 0

Customers of Hotels.com, Booking.com, Expedia and other major booking sites have reportedly had their personal data exposed.

Security experts at Website Planet say data from millions of hotel guests globally were exposed via third-party service Prestige Software which provides automated booking solutions to major travel brands.

It said data was exposed possibly dating back to 2013.

Website Planet says Prestige’s Amazon Web Services (AWS) cloud storage service was misconfigured, which led to data of more than 10 million customers becoming visible and potentially exposed to unauthorised persons.

The individual log files contained personally identifiable information such as names, email addresses, and phone numbers of hotel guests, as well as full cardholder information including number and CVV.

"Cybercriminals could use the exposed PII data and credit card information to commit credit card fraud and steal from people compromised in the breach," the Website Planet report said.

They reported it to AWS and it was fixed within a day.

Website Planet said it couldn’t ascertain if data was accessed by cybercriminals.

"So far, there is no evidence of this happening. However, if it did, there would be enormous implications for the privacy, security and financial wellbeing of those exposed," said researcher Mark Holden.

Written by Ray Montgomery, US Editor

TravelMole Editorial Team

Editor for TravelMole North America and Asia pacific regions. Ray is a highly experienced (15+ years) skilled journalist and editor predominantly in travel, hospitality and lifestyle working with a huge number of major market-leading brands. He has also cover in-depth news, interviews and features in general business, finance, tech and geopolitical issues for a select few major news outlets and publishers.

ECOMMPAY is an international payment service provider and direct bank card acquirer, engineering bespoke payment solutions for clients worldwide. Our...

Air Transat is Canada’s number one leisure airline. It flies to some 60 international destinations in more than 25 countries...

The Polish Tourism Organisation (Polska Organizacja Turystyczna – POT) is one of several dozen national tourism organisations operating in the...

Nium was founded on the mission to build the global payments infrastructure of tomorrow, today. With the onset of the on-demand...

Travel Outlook, the premier hotel call center™ Travel Outlook is an innovative, custom off-site central reservations office (CRO) service that...

In 2024, The Red Sea will be ready to welcome 300,000 guests in line with the completion of 16 hotels...

Discover Punta Gorda/Englewood Beach, also known as the Charlotte Harbor Gulf Island Coast. This natural wonderland is nestled in the...

From the beginning, ATI’s philosophy has been “innovation, not duplication.“ Developing specialized technology solutions to connect over 30,000 accommodation, attracti...

Offering the most powerful portfolio in the industry, our 30 brands and 8,000+ properties across 139 countries and territories give...

In the heart of Europe, in one of the most innovative cities in the world, at the centre of business,...

Travel specialists founded the company in 1999 as AC Tours. Since then we have grown and expanded to incorporate four...

NSW, Australia Welcome to New South Wales – a place to feel free, feel alive, feel new. As the official...

Intrepid Travel is a world leader in sustainable experience-rich travel that has been taking travellers to discover the world’s most amazing places...