Report: Security Platform Leaking Hotel Security Logs, Including Marriott Properties
vpnMentor's research team has recently discovered that Marriott and other hotel brands managed by The Pyramid Hotel Group have experienced a cybersecurity data leak, revealing vulnerabilities that could be an important tool with significant impact in a massive future attack.
vpnMentor's research team has recently discovered that Marriott and other hotel brands managed by The Pyramid Hotel Group have experienced a cybersecurity data leak, revealing vulnerabilities that could be an important tool with significant impact in a massive future attack.
Led by hacktivists Noam Rotem and Ran Locar, vpnMentor's researchers discovered a breach that exposes 85.4GB of security audit logs, which also include personally identifying information (PII) of employees of the affected companies, and go back as far as April 19, 2019. This date may indicate system setup, reconfiguration, or maintenance that impacted the server and made it open and available to the world.
The Pyramid Hotel Group utilizes Wazuh - an open source intrusion detection system - on an unsecured server that is leaking information regarding their operating systems, security policies, internal networks, and application logs.