Choice Hotels Breach: Hackers Leave Ransom Note For 700K Records

Choice Hotels Breach: Hackers Leave Ransom Note For 700K Records

Hackers claim to have stolen 700,000 customer records from Choice Hotels thanks to an exposed MongoDB instance, it has emerged.



The US-based chain, which runs franchised outlets in over 40 countries worldwide, is now being held to ransom after the hackers left a note demanding 0.4 Bitcoin (around $3800) in payment for the data, which they claimed to have copied.



Security researcher Bob Diachenko worked with security firm Comparitech to discover the database, which was left completely exposed online. However, hackers had already got there. It was only left online for four days without password protection before attackers found the account.



Although the database held 5.6 million records in total, Choice Hotels told Comparitech that most of these related to test data. Of the 700,000 genuine records stolen, names, email addresses and phone numbers of customers are among the details taken.



The server itself is said to have been owned and managed by a third party who was working with the hotel chain on a new “tool.”



“We have discussed this matter with the vendor and will not be working with them in the future,” Choice Hotels told Comparitech in an email.



“We are evaluating other vendor relationships and working to put additional controls in place to prevent any future occurrences of this nature. We are also establishing a Responsible Disclosure Program, and we welcome Mr Diachenko’s assistance in helping us identify any gaps.”



Diachenko believed the ransom note was left by an automated script set up specifically to target exposed MongoDB databases, although it didn’t succeed in wiping t ..

Support the originator by clicking the read the rest link below.