Prestige Software accidentally exposes millions of guest user data from its online cloud and reveals massive sensitive user information for public access and use. The online company operates the biggest hotel online services with Hotels.com, Booking.com, and Expedia, which have its user data stored in an open cloud.
The Madrid and Barcelona-based technology and computer services company, Prestige Software, was recently discovered for having low security for its online databases that store guests' highly sensitive user information. The company's websites are an Amazon Web Services S3 bucket and are highly-rated and used in the hotel industry.
Experts have warned before that these online hotel services are easily breached and susceptible to significant attacks and data breaches. Now, the warnings are slowly coming to reality with Prestige Software's recent discovery by concerned users and Website Planet.
Prestige Software Data Breach Leaks Booking.com, Hotels.com, Expedia User Information
The most significant online hotel services globally are all subject to massive hacks and major attacks to steal highly sensitive information. The information database holds full names, addresses, credit card information, national ID numbers, and more.
According to Website Planet, its security team recently discovered the anomalies and security risks of Prestige Software's online cloud system, which have more than 10 million guest user files sitting quietly. The guest files are exposed to the public and for anyone that wishes to access the database.
A total of 24.4 gigabytes of user data are like "sitting ducks" and ready for hunting by malicious figures and organizations lurking in the online world. Website Planet suggests that anyone who tries to access and hack into the company's cloud services can easily do so.
Prestige Software's "Cloud Hospitality" is a channel management platform that automates the process for internet-based booking sites, including the likes of Booking.com and Hotels.com. The website discovered that the open database has its cloud and information exposed as early as 2013.
Are There Data Hacks or User Breaches Now?
Following news like the exposure of guest user data information easily accessible by anyone leaves a question of whether hacks are happening on its systems presently. However, this type of information is not yet gathered by websites and even its national government.
There is no knowledge of how many users are affected by cloud exposure, and there are no ideas yet whether there are breaches on Prestige Software's systems. Also, today, there are no known hacks involving Prestige Software's weak and considerably easy to hack online systems.
Prestige Software admitted that it owns the data that was found to be exposed and is genuinely from its hotel user guests. According to Engadget, once a user registers all personal information, it will be automatically uploaded to Cloud Hospitality's subscription to the Amazon Web Services S3 bucket.
The Amazon Web Services are understood to be "misconfigured," according to Website Planet, and are open to massive breaches. In addition to stealing personal information and credit card numbers, hackers can also steal a reservation to use the booking for themselves.
Related Article: Caution: Major Windows Ransomware Gang Makes Its Way to to Linux
This article is owned by Tech Times
Written by Isaiah Alonzo