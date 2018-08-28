from the security++ dept.
A hacker is selling the personal details of over 130 million hotel guests for 8 Bitcoin ($56,000) on a Chinese Dark Web forum.
The breach was reported today by Chinese media after several cyber-security firms spotted the forum ad [1, 2, 3, 4].
The seller said he obtained the data from Huazhu Hotels Group Ltd (Huazhu from hereafter), one of China's largest hotel chains, which operates 13 hotel brands across 5,162 hotels in 1,119 Chinese cities.
According to a description the hacker posted online, the stolen data is 141.5GB in size, contains 240 million records, with information on roughly 130 million hotel guests that stayed at one of Huazhu hotels.
The following user data is believed to be sold online: official website registration information (ID card number, mobile phone number, email address, login password); check-in registration information (customer name, ID card number, home address, birthday), and booking information (name, card number, mobile phone number, check-in time, departure time, hotel ID number, room number).
The data appears to be from customers who stayed at any of Huazhu's hotel brands —Hanting Hotel, Grand Mercure, Joye, Manxin, Novotel, Mercure, CitiGo, Orange, All Season, Starway, Ibis, Elan, Haiyou.
[...] They said the cause of the breach appears to be a mistake on the part of the Huazhu's development team, who seem to have uploaded copies of their database on a GitHub account.
Source: https://www.bleepingcomputer.com/news/security/data-of-130-million-chinese-hotel-chain-guests-sold-on-dark-web-forum/
(Score: 2) by RandomFactor on Wednesday August 29, @10:24PM (3 children)
Accidentally upload 141 GB from a corporate network and not even get noticed or error out, that's 20+ minutes total pwnage of a 1Gbps uplink.
Times have changed.
(Score: 0) by Anonymous Coward on Wednesday August 29, @10:45PM (1 child)
What corporate network? They're an hotel chain. The subsidiary hotels log-in to the same web server customers use to update available rooms and double check with customers and accounting to confirm bookings. In all likelihood they don't even whitelist IPs and only use user names and passwords.
(Score: 2) by RandomFactor on Wednesday August 29, @10:50PM
Oh, well then. That's better...
(Score: 2) by Freeman on Wednesday August 29, @11:26PM
"[...] They said the cause of the breach appears to be a mistake on the part of the Huazhu's development team, who seem to have uploaded copies of their database on a GitHub account."
Accidentally / on purpose, apparently their github account was compromised or the hacker wasn't a hacker and they were using a public repository?
"I said in my haste, All men are liars." Psalm 116:11
(Score: 2) by mrpg on Wednesday August 29, @10:37PM (4 children)
I am willing to give 1$ CASH in coins for the data.
It'd take me two weeks to download it :-(
(Score: 2) by takyon on Wednesday August 29, @10:52PM (2 children)
Ask for the USB drive option. Just be careful where you plug it in.
(Score: 0) by Anonymous Coward on Wednesday August 29, @10:56PM (1 child)
Is this some new millenial / gen z(???) sex talk?
(Score: 2) by takyon on Wednesday August 29, @11:21PM
Plug... and "play" ;)
(Score: 0) by Anonymous Coward on Thursday August 30, @12:11AM
for (i=1;i130000000;i++) {printf("Guestname: Wong");}
Just saved you two weeks. Where's my four quarters?
(Score: 2) by Freeman on Wednesday August 29, @10:59PM
"[...] They said the cause of the breach appears to be a mistake on the part of the Huazhu's development team, who seem to have uploaded copies of their database on a GitHub account."
A Rogue Development Team!
"I said in my haste, All men are liars." Psalm 116:11