Millions of records belonging to users of Booking.com, Agoda, Expedia Group, Hotels.com may have lost their sensitive data.
A number of popular online travel agencies such as in total exposed 24.4 GB worth of data, featuring credit card details, names, ID numbers and reservation details. It is estimated 
that over 10 million people are affected.
The culprit of a data loss is a Spanish based reservation platform Prestige Software, which sells a software “Cloud Hospitality” for hotels to integrate their reservation systems with online booking websites.
It is reported that starting from 2013 Prestige Software was storing incredibly sensitive data about hotel guests and travel agents with no decent protection on a misconfigured Amazon Web Services (AWS) S3 bucket.
According to the security team at Website Planet, who investigated the breach, they contacted AWS immediately and the S3 bucket was secured the following day.
Subscribe to get helpful articles and white papers.
We discuss industry trends and give advice on how to deal with data leaks and cyber incidents.
SearchInform uses four types of cookies as described below. You can decide which categories of cookies you wish to accept to improve your experience on our website. To learn more about the cookies we use on our site, please read our Cookie Policy.
Necessary Cookies
Always active. These cookies are essential to our website working effectively.
Cookies does not collect personal information. You can disable the cookie files
record
on the Internet Settings tab in your browser.
Functional Cookies
These cookies allow SearchInform to provide enhanced functionality and personalization, such as remembering the language you choose to interact with the website.
Performance Cookies
These cookies enable SearchInform to understand what information is the most valuable to you, so we can improve our services and website.
Third-party Cookies
These cookies are created by other resources to allow our website to embed content from other websites, for example, images, ads, and text.
Please enable Functional Cookies
You have disabled the Functional Cookies.
To complete the form and get in touch with us, you need to enable Functional Cookies.
Otherwise the form cannot be sent to us.
Subscribe to our newsletter and receive a bright and useful tutorial Explaining Information Security in 4 steps!
Subscribe to our newsletter and receive case studies in comics!