Report: Travel Reservations Platform Leaks US Government Personnel Data
vpnMentor’s research team discovered a breach in a database belonging to Autoclerk, a reservations management system owned by Best Western Hotels and Resorts Group, connected to various travel and hospitality-related platforms online. This data breach not only exposes sensitive information from users and guests but also includes personal information regarding US government, military, and Department of Homeland Security (DHS) officials.
Some of the data includes:
- For clients and guests, the breach exposes various personal booking details including full names, home addresses and masked credit card details.
- The leak also exposes Government officials personally-identifying information (PII) of personnel and their travel arrangements, while the team also managed to find their email address, phone numbers, and other sensitive personal data.
- While this leak is a severe breach of personal information, it also exposes users, clients and officials to additional risks such as fraud & phishing campaigns, physical risks and malicious software attacks.