| Submit your comments on this article |
| Cyber |
| Government leaks data again... |
| 2019-11-01 |
| [Infosecurity Magazine] Researchers have discovered another unsecured Elasticsearch database, this time exposing data on thousands of travelers including US military and government employees. The research team at vpnMentor discovered the online database hosted on AWS infrastructure, on September 13. It belonged to Autoclerk, a reservations management system now owned by hotel chain Best Western Hotels and Resorts Group. The database contained over 179GB of data, often sourced from third party travel and hospitality platforms including OpenTravel, HAPI Cloud, and Synxis. Among these were hundreds of thousands of bookings and reservations, exposing personal details such as: full name, date of birth, home address, phone number, dates & costs of travel, and masked credit card details. For ordinary travelers caught in leaks like this, there is the risk of follow-on phishing attacks and identify fraud attempts, as well as a chance that attackers could target their home while they are away. However, there are even more concerning national security implications for the government personnel data exposed in the incident. |
| Posted by:M. Murcek |
| #1 Hosted by AWS? Like Amazon? WaPo's Bezos? Wotta coincidence! Did Karl Rove arrange this? |
| Posted by: Bobby at the kids place 2019-11-01 08:47 |