Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

The Pyramid Hotel Group data leak exposes 85GB of security logs of major hotel chains

vpnMentor researches have recently discovered that hotel brands managed by The Pyramid Hotel Group have suffered a data leak. vpnMentor experts have discovered that hotel brands managed by The Pyramid Hotel Group, including Marriott, have suffered a data leak, vpnMentor’s research team discovered the unprotected server through port scanning to examine known IP blocks. Researchers […]

Pyramid Hotel Group

vpnMentor researches have recently discovered that hotel brands managed by The Pyramid Hotel Group have suffered a data leak.

vpnMentor experts have discovered that hotel brands managed by The Pyramid Hotel Group, including Marriott, have suffered a data leak,

vpnMentor’s research team discovered the unprotected server through port scanning to examine known IP blocks.

Researchers discovered 85.4GB of security audit logs, the exposed data also include monitoring and alerts, reported system errors, misconfiguration, policy violations, potential attempted malicious breaches, and other cybersecurity events. Unsecured data also include personally identifying information (PII) of employees.

Exposed data is date back to April 19, 2019, likely the date of the system setup or reconfiguration that is the root cause of the leak.

The unsecured server exposed audit logs generated by Wazuh, an open-source intrusion detection system used by the company.

“The Pyramid Hotel Group utilizes Wazuh – an open source intrusion detection system – on an unsecured server that is leaking information regarding their operating systems, security policies, internal networks, and application logs.” reads the post published by vpnMentor.

Pyramid Hotel Group

The Pyramid Hotel Group manages hospitality and resort properties in the US, Hawaii, the Caribbean, Ireland, and the UK, it includes locations of several brands such as Marriott, Sheraton, Plaza, Hilton Hotel and other independent hotels.

Data leaked by the company could be used by attackers to gather information about hotels’ network and security measures implemented to protect them. This information could be used by hackers in later attacks.

Below the timeline of discovery:

DATEEVENT
5/27/19Breach discovered by vpnMentor Research team
5/28/19Informed PHG of breach
5/28/19Received acknowledgement from PHG
5/29/19Data leak closed. Problem resolved.

Recently vpnMentor experts discovered an unprotected database impacting up to 65% of US households.

If you appreciate my effort in spreading cybersecurity awareness, please vote for Security Affairs in the section “Your Vote for the Best EU Security Tweeter”

Thank you

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Pyramid Hotel Group, data leak)

[adrotate banner=”5″]

[adrotate banner=”13″]