Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Data of 130 Million hotel chain guests offered for 8 BTC on Dark Web

A hacker is offering for sale the personal details of over 130 million hotel chain guests on a Chinese Dark Web forum. The news was reported by Bleeping computers, a hacker is selling the personal details of over 130 million hotel guests for 8 Bitcoin on a Chinese Dark Web forum. “The breach was reported […]

Chinese hotel chains dark web

A hacker is offering for sale the personal details of over 130 million hotel chain guests on a Chinese Dark Web forum.

The news was reported by Bleeping computers, a hacker is selling the personal details of over 130 million hotel guests for 8 Bitcoin on a Chinese Dark Web forum.

“The breach was reported today by Chinese media after several cyber-security firms spotted the forum ad [1234].states Bleeping Computer.

The price for the huge trove of data is 8 Bitcoin (roughly $49,000), it includes official website registration information (ID card number, mobile phone number, email address, login password); check-in registration information (customer name, ID card number, home address, birthday), and booking information (name, card number, mobile phone number, check-in time, departure time, hotel ID number, room number).

The offer was noticed by several cyber-security firms, the hacker claims to have obtained the data from Huazhu Hotels Group Ltd, one of biggest Chinese hotel chains that operate 13 hotel brands across 5,162 hotels in 1,119 Chinese cities.

The stolen data appears to be related to guests who stayed at any of Huazhu’s hotel brands (Hanting Hotel, Grand Mercure, Joye, Manxin, Novotel, Mercure, CitiGo, Orange, All Season, Starway, Ibis, Elan, Haiyou).

The ad published by the seller states the stolen data is included in an archive of 141.5 GB that contains 240 million records, with information on roughly 130 million hotel guests that stayed at one of Huazhu hotels.

Chinese hotel chain dark web

 

On August 28th, the China Lodging Group issued a statement on the Weibo platform announcing that the group has launched an internal investigation, the Chinese hotel chain also reported the incident to the authorities.

According to the Chinese cyber-security firm Zibao data are authentic and the incident likely occurred early August.

Zibao experts believe the data are related to a new is data leak and are not collected from previous data breaches, instead, it appears to be linked to a mistake of a Huazhu’s programmer that uploaded it on GitHub.

“Zibao Technology believes that this batch of data is suspected to be leaked by a Chinese-speaking company programmer who uploaded to GitHub 20 days ago using a database connection.” reads bjnews.com.cn. 

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs – Chinese Hotel Chain, data leak)

[adrotate banner=”5″]

[adrotate banner=”13″]