It hasn’t been long since we heard of the massive Marriott data breach affecting millions of customers. And now, despite this issue, it seems the hotel management group behind this giant didn’t learn much from the incident. As discovered recently, The Pyramid Hotel Group exposed huge volumes of hotel security logs publicly.
Pyramid Hotel Group Data Leakage
The hacktivist duo Noam Rotem and Ran Locar from VPNMentor discovered one more leaky database. They found the unsecured server as part of their ongoing web mapping project.
As disclosed in their blog post, the unsecured server belonged to The Pyramid Hotel Group, which manages Marriott and other big hotel brands. The researchers found the database leaking 85.4GB of security logs generated by Wazuh – an opensource intrusion detection system. This included details such as operating systems, internal networks, application logs, security policies, and PII data of the staff of the affected facilities.
The leaked details date back to April 19, 2019. As described by the researchers, the exposed data included, but not limited to,
Server API key and password, Device names, IP addresses of incoming connections to the system and geolocation, Firewall and open ports information, Malware alerts, Restricted applications, Login attempts, Brute force attack detection, Local computer name and addresses, including alerts of which of them has no antivirus installed, Virus and Malware detected on various machines, Application errors, Server names and OS details, Information identifying cybersecurity Policies, Employees’ full names and usernames, Other telling security data.
Whereas, the entities affected by this breach include Carton House Luxury Hotel (Ireland), Temple Bar Hotel (Ireland), Tarrytown House Estate (New York), Aloft Hotels (Florida), and other brands.
PHG Took Off The Data
Explaining the dangers of this breach, the researchers said that criminal hackers could use this information in various malicious ways. Such kind of data could give them insights to the hotels’ network. Moreover, it also threatens the physical security of the hotel guests. As stated by the researchers,
With this window into the cybersecurity events and policies, it is possible to fine-tune tactics to gain entry into the systems of the affected companies. From what we can see, it’s possible to understand the naming convention used by the organization, their various domains and domain control, the database(s) used, and other important information leading to potential penetration.
The VPNMentor researchers discovered the unsecured database on May 27, 2019. They promptly informed Pyramid Hotel Group of the matter. Consequently, the company pulled down the leaky database by May 29, 2019. So now, the matter seems resolved.
Take your time to comment on this article.