Eine französische Business-to-Business-Plattform (“B2B”) der Hotellerie ist jüngstes Opfer eines vermeidbaren Datenlecks geworden.
Sicherheitsforscher bei ”vpnMentor” konnte eine ungeschützte Datenbank-Instanz im Internet einsehen. Es handelt sich dabei um diverse Kundendaten in Höhe von geschätzten 1 Terabyte.
ACHTUNG – das Datenleck betrifft auch Anwender von booking.com:
Led by Noam Rotem and Ran Locar, vpnMentor’s research team discovered a data breach belonging to Gekko Group, a subsidiary of Accor Hotels. Based in France, Gekko Group is a leading European B2B hotel booking platform that also owns several smaller hospitality brands. These include Teldar Travel & Infinite Hotel, the two brands most exposed in the database discovered by our team. However, some data from other Gekko Group-owned brands were also exposed. The database in question was huge, containing over 1 terabyte of data. This included data from Gekko Group brands and their clients, as well as external websites and platforms which their systems communicate with, such as Booking.com. This breach represents a serious lapse in data security by Gekko Group and its subsidiaries, compromising the privacy of their customers, clients, AccorHotels, and the businesses themselves. [...] To reiterate, this is a huge amount of data to be exposed. It represents a serious lapse in the data security protocols of Gekko Group and its subsidiaries, with serious implications for the many people affected.