Ten million customers’ personal data exposed by booking software glitch

Sunday, 10 Nov, 2020 0

Customers of Hotels.com, Booking.com, Expedia and other major booking sites have reportedly had their personal data exposed.

Security experts at Website Planet say data from millions of hotel guests globally were exposed via third-party service Prestige Software which provides automated booking solutions to major travel brands.

It said data was exposed possibly dating back to 2013.

Website Planet says Prestige’s Amazon Web Services (AWS) cloud storage service was misconfigured, which led to data of more than 10 million customers becoming visible and potentially exposed to unauthorised persons.

The individual log files contained personally identifiable information such as names, email addresses, and phone numbers of hotel guests, as well as full cardholder information including number and CVV.

"Cybercriminals could use the exposed PII data and credit card information to commit credit card fraud and steal from people compromised in the breach," the Website Planet report said.

They reported it to AWS and it was fixed within a day.

Website Planet said it couldn’t ascertain if data was accessed by cybercriminals.

"So far, there is no evidence of this happening. However, if it did, there would be enormous implications for the privacy, security and financial wellbeing of those exposed," said researcher Mark Holden.

Written by Ray Montgomery, US Editor

TravelMole Editorial Team

Editor for TravelMole North America and Asia pacific regions. Ray is a highly experienced (15+ years) skilled journalist and editor predominantly in travel, hospitality and lifestyle working with a huge number of major market-leading brands. He has also cover in-depth news, interviews and features in general business, finance, tech and geopolitical issues for a select few major news outlets and publishers.

MGM Resorts International (NYSE: MGM) is an S&P 500® global entertainment company with national and international locations featuring best-in-class hotels...

Traveltek is the world-leading provider of online solutions for the travel trade, from consumer-facing websites to call centre applications. We...

The State of Michigan is blessed with the riches of unspoiled nature: the nation’s longest freshwater coastline, lakes that feel like...

Cunard is the operator of luxury cruise ships Queen Mary 2®, Queen Victoria® and Queen Elizabeth®. Renowned for impeccable White...

At Wilderness Safaris we believe in creating life-changing journeys and have been doing so for over 39 years. Our purpose...

Destination British Columbia (Destination BC) is a Provincially funded, industry-led Crown corporation that supports a strong and competitive future for BC’s...

The Oregon Tourism Commission, dba Travel Oregon, works to enhance visitors’ experiences by providing information, resources and trip planning tools...

ABOUT THE PHILIPPINES Mabuhay! Welcome to our archipelago of 7,641 islands where there are endless beaches, lively and fashionable cities,...

Our Mission Ecommerce has transformative powers, and we believe everyone should be able to take part. But outdated solutions and...

Family-owned Olympic Holidays has been arranging holidays to Greece, the Greek islands and Cyprus for more than half century. The company is unrivalled...

Queensland – where it’s rude not to stare Here in Queensland, there’s plenty to do. But there’s even more to...

Air Transat is Canada’s number one leisure airline. It flies to some 60 international destinations in more than 25 countries...

Greater Fort Lauderdale’s assortment of adventures awaits you. Whether you want to relax on the beach as the sound of...

From the beginning, ATI’s philosophy has been “innovation, not duplication.“ Developing specialized technology solutions to connect over 30,000 accommodation, attracti...