News Source:
French Hotel Giant Leaks 1TB+ of Client Data
News Source/Courtesy:

Courtesy: Phil Muncaster UK / EMEA News Reporter , Infosecurity Magazine | News Source:

A leading European hotel booking platform has leaked over 1TB of data on customers, clients and partners thanks to an unsecured Elasticsearch database, exposing them to account takeover, identity theft and financial fraud.

Researchers at vpnMentor discovered the database in question on an unsecured and unencrypted server. It belonged to French B2B hotel booking firm Gekko Group, which is said to have a client list of 600,000 global hotels and is a subsidiary of Europe’s largest hotel group, AccorHotels.

Despite reaching out to AccorHotels and Gekko Group immediately after discovering the privacy snafu on November 7, it took the former a week to respond and confirm that the leak had been plugged.

The data itself came from multiple different businesses within the Gekko Group and the travel agencies and booking sites they interact with, meaning many customers who had no direct relationship with the B2B giant were affected across Europe — including in the UK, France, Portugal, Spain and the Netherlands, as well as Israel.

The main subsidiaries affected in the leak were Teldar Travel, a B2B booking system for European travel agents, and Infinite Hotels, which handles wholesale inventory and booking data distribution, according to vpnMentor.

External platforms they interact with that were also caught in the incident included,, Mondial Assistance and more.

Exposed data included reservation details such as full names and addresses as well as invoices including unencrypted payment data for travel agents and their customers. The researchers were also able to discover plain text passwords for accounts on Gekko Group platforms.

“With these, hackers could enter accounts and charge purchases to virtual credit cards stored within, maxing them out before AccorHotels or Gekko Group can charge clients for reservations, and similar bookings made. This could lead to serious losses for the company,” vpnMentor claimed.

“The contents of the database could also help hackers target the same companies in other ways. Using the information and accesses exposed, they could create effective phishing campaigns, or target companies with various forms of malicious software attacks: malware, spyware, ransomware, and more.”

Hackers could also use the data to target holidaymakers themselves with convincing phishing attacks, the firm argued.

“Enterprise infrastructures are filled with tens of thousands of cloud resources that create opportunities for leakage. In this case, it’s likely that an identity changed the privacy configurations for a legitimate reason for a single Elasticsearch server, exposing more than a terabyte of sensitive data,” explained Balaji Parimi, CEO of CloudKnox Security.

“Because companies struggle so badly with visibility into complex multi-cloud environments, finding these vulnerabilities can be like looking for a needle in a haystack. At this scale, a prevention-first approach is critical.”

Fill the numbers here
If not readable, please refresh.

News Source:

You Might Also Like

Fill the numbers here
If not readable, please refresh.

-: Disclaimer :-

This article has been aggregated from and they maybe/are the copyright owners of the same. If you are the Author/Copyright owner of this article and want us to remove the same then send an email to so that we can delete it immediately. We sincerely regret and apologies for any inconvenience caused to you due to the same. Though it is your decision but please take note that the link to your website and the article have been given above, within and on the bottom of the article.

Popular Posts

Hoteliers In Limelight

Voting Poll