An improperly-secured Amazon Web Services (AWS) server left over 10 million hotel reservations logs from numerous Cloud Hospitality websites openly exposed, potentially putting millions of guests at risk. The server is now secured and there’s no evidence the data is being misused (yet), but the information is sensitive enough that anyone who has used one of the following hotel websites since 2013 should be extra vigilant about their data going forward:
Agoda
Amadeus
Booking.com
Expedia
Hotels.com
Hotelbeds
Omnibees
Sabre
The AWC server held over 10 millions logs, though Website Planet’s security team says the number of impacted guests could be even higher since some logs include multiple people. These logs contain:
Guests’ names, email addresses, personal ID numbers (such as passport number or driver’s license number), and phone numbers.
Guests’ payment methods and billing information, including all credit card data (card number, CVV, expiration date, etc.)
Guests’ reservation details, including the number of nights, prices, and any special requests made as part of their stays.
The affected Cloud Hospitality server held information on millions of guests from all over the world, but there’s no evidence as of yet this information was ever accessed by malicious groups. There’s also no evidence of scams or identity theft attempts against any of the individuals impacted by the leak.
Still, this leak needs to be taken seriously.
The usual concerns apply, including the potential for increased vulnerability to phishing scams, malware and ransomware attacks, financial fraud, and identity theft. Non-traditional scams like manipulating or canceling active reservations are possible as well. Here’s what to do to keep yourself safe:
Change your passwords and start using an encrypted password manager (some can even keep your payment info safe in case of leaks like this one). Though it doesn’t appear any password data was leaked via this insecure server, it never hurts to be extra-cautious.
Tighten account security with two-factor authentication
Monitor your credit card statements for unusual activity over the next few months. Set up fraud alerts, if possible, to ensure you don’t miss any strange charges.
Be mindful of phishing scams and malware links in your email inbox, especially if they’re related to your hotel stays (or the use of any websites affected by this breach). The best solution is to never click unknown links or download email attachments.
Check for any sudden, unexpected changes to your upcoming hotel reservations or unauthorized use of your hotel rewards.
If you’re contacted by unknown “travel agencies” offering special offers, avoid these entirely. Similarly, never confirm or give out financial information to anyone who calls you or emails you in relation to a potential scam or service interruption; call them, instead, to verify that the request is legitimate.
HBO Max is still not available on Roku or Amazon Fire Stick. Just wanted to get that out of the way, because I know a lot of people are still mad abou
When I’m looking for somewhere new to go to secure any given service, I turn to Yelp. In addition to giving me a read on a business’ overall quality,
We write about web browsers at lot at Lifehacker—so much that I feel as if talking about the latest Chrome, Firefox, Edge, or Safari features is a wee
WhatsApp’s long-awaited disappearing messages feature will roll out for all users soon, but you should make sure you’re comfortable with how the featu
Last year, Apple offered a free one-year subscription to their streaming service, Apple TV+, with the purchase of any eligible Apple device, giving mi
The just-released trailer for Disney’s Cruella invites audiences to witness the mad beginnings of an evil, puppy-hunting fashionista. The film promise
Live Photos are the little moving pictures you never knew you needed. Just like in Harry Potter, these little videos capture the essence of the moment
Can we, as a collective tech community, all agree that scams and malicious hacks are bad and we shouldn’t do them anymore? No? OK, back to reality, wh
We are a comprehensive and trusted information platform dedicated to delivering high-quality content across a wide range of topics, including society, technology, business, health, culture, and entertainment.
From breaking news to in-depth reports, we adhere to the principles of accuracy and diverse perspectives, helping readers find clarity and reliability in today’s fast-paced information landscape.
Our goal is to be a dependable source of knowledge for every reader—making information not only accessible but truly trustworthy. Looking ahead, we will continue to enhance our content and services, connecting the world and delivering value.
