Data of 130 Million hotel chain guests offered for 8 BTC on Dark Web
30.8.18 securityaffairs Incindent
A hacker is offering for sale the personal details of over 130 million hotel chain guests on a Chinese Dark Web forum.
The news was reported by Bleeping computers, a hacker is selling the personal details of over 130 million hotel guests for 8 Bitcoin on a Chinese Dark Web forum.
“The breach was reported today by Chinese media after several cyber-security firms spotted the forum ad [1, 2, 3, 4].” states Bleeping Computer.
The price for the huge trove of data is 8 Bitcoin (roughly $49,000), it includes official website registration information (ID card number, mobile phone number, email address, login password); check-in registration information (customer name, ID card number, home address, birthday), and booking information (name, card number, mobile phone number, check-in time, departure time, hotel ID number, room number).
The offer was noticed by several cyber-security firms, the hacker claims to have obtained the data from Huazhu Hotels Group Ltd, one of biggest Chinese hotel chains that operate 13 hotel brands across 5,162 hotels in 1,119 Chinese cities.
The stolen data appears to be related to guests who stayed at any of Huazhu’s hotel brands (Hanting Hotel, Grand Mercure, Joye, Manxin, Novotel, Mercure, CitiGo, Orange, All Season, Starway, Ibis, Elan, Haiyou).
The ad published by the seller states the stolen data is included in an archive of 141.5 GB that contains 240 million records, with information on roughly 130 million hotel guests that stayed at one of Huazhu hotels.
On August 28th, the China Lodging Group issued a statement on the Weibo platform announcing that the group has launched an internal investigation, the Chinese hotel chain also reported the incident to the authorities.
According to the Chinese cyber-security firm Zibao data are authentic and the incident likely occurred early August.
Zibao experts believe the data are related to a new is data leak and are not collected from previous data breaches, instead, it appears to be linked to a mistake of a Huazhu’s programmer that uploaded it on GitHub.
“Zibao Technology believes that this batch of data is suspected to be leaked by a Chinese-speaking company programmer who uploaded to GitHub 20 days ago using a database connection.” reads bjnews.com.cn.