What to Do About the Data Leak That Hit 8 Major Hotel Booking Sites

What to Do About the Data Leak That Hit 8 Major Hotel Booking Sites

An improperly-secured Amazon Web Services (AWS) server left over 10 million hotel reservations logs from numerous Cloud Hospitality websites openly exposed, potentially putting millions of guests at risk. The server is now secured and there’s no evidence the data is being misused (yet), but the information is sensitive enough that anyone who has used one of the following hotel websites since 2013 should be extra vigilant about their data going forward:

  • Agoda
  • Amadeus
  • Booking.com
  • Expedia
  • Hotels.com
  • Hotelbeds
  • Omnibees
  • Sabre

The AWC server held over 10 millions logs, though Website Planet’s security team says the number of impacted guests could be even higher since some logs include multiple people. These logs contain:

  • Guests’ names, email addresses, personal ID numbers (such as passport number or driver’s licence number), and phone numbers.
  • Guests’ payment methods and billing information, including all credit card data (card number, CVC, expiration date, etc.)
  • Guests’ reservation details, including the number of nights, prices, and any special requests made as part of their stays.

What you need to do to keep your data safe

The affected Cloud Hospitality server held information on millions of guests from all over the world, but there’s no evidence as of yet this information was ever accessed by malicious groups. There’s also no evidence of scams or identity theft attempts against any of the individuals impacted by the leak.

Still, this leak needs to be taken seriously.

The usual concerns apply, including the potential for increased vulnerability to phishing scams, malware and ransomware attacks, financial fraud, and identity theft. Non-traditional scams like manipulating or cancelling active reservations are possible as well. Here’s what to do to keep yourself safe:

  • Change your passwords and start using an encrypted password manager (some can even keep your payment info safe in case of leaks like this one). Though it doesn’t appear any password data was leaked via this insecure server, it never hurts to be extra-cautious.
  • Tighten account security with two-factor authentication
  • Monitor your credit card statements for unusual activity over the next few months. Set up fraud alerts, if possible, to ensure you don’t miss any strange charges.
  • Be mindful of phishing scams and malware links in your email inbox, especially if they’re related to your hotel stays (or the use of any websites affected by this breach). The best solution is to never click unknown links or download email attachments.
  • Check for any sudden, unexpected changes to your upcoming hotel reservations or unauthorised use of your hotel rewards.
  • If you’re contacted by unknown “travel agencies” offering special offers, avoid these entirely. Similarly, never confirm or give out financial information to anyone who calls you or emails you in relation to a potential scam or service interruption; call them, instead, to verify that the request is legitimate.

Log in to comment on this story!