A Barcelona, Spain-based software firm called Prestige Software has been caught exposing sensitive, private, and financial data of millions of customers around the globe.
In particular, customers from Booking.com, Expedia, Agoda, Amadeus, Hotels.com, Hotelbeds, Omnibees, Sabre, and several others are among the unsuspected victims of the data breach.
The exposed database was originally identified by researchers at WebsitePlanet who noticed a misconfigured AWS S3 bucket owned by Prestige Software was left open for public access without any security authentication.
The researchers analyzed the bucket and concluded that it contained 24.4 GB worth of data totaling more than 10 million files.
Since Prestige Software is based in Europe and exposed data belongs to people around the globe including citizens of European citizens; the company should gear up for hefty GDPR fine and penalty.
As for affected customers, it is unclear whether your data was access by third-party with malicious intent. However, as seen recently, cybercriminals have been scanning for exposed databases, stealing the data and selling it on dark web marketplaces, or leaking it on hacker forums for free download.
Read original article
Click here to view the full report by WebsitePlanet