- Cybernews uncovers massive leak from Spanish & Austrian hospitality platforms
- Attacker stole data via compromised accounts, exposed 6.5GB on open server
- Nearly 5 million users affected, with names, emails, phone numbers, birth details, and IDs harvested
Millions of hotel guests worldwide have been affected by a major data exposure incident after a cybercriminal left stolen personal data on an unsecured server without any password protection. The breach has revealed a vast amount of personally identifiable information (PII), raising serious concerns about data security within the hospitality technology ecosystem.
The exposed data originated from hospitality platforms including Chekin, a Spain-based automated check-in service, and Gastrodat, an Austrian hotel management software provider. The attacker reportedly gained access to hundreds of compromised accounts linked to hotels and property hosts, enabling unauthorized entry into booking management systems.
Through these compromised accounts, the attacker leveraged automated scripts to extract sensitive data directly from platform APIs. The operation systematically collected booking and guest information, including reservation details and personal identifiers, which were then transmitted and stored on an open server. The lack of any security measures on the server ultimately led to the discovery of the breach.
The scale of the incident is significant, with nearly five million users impacted globally. The exposed dataset includes information from more than 170 hospitality facilities and approximately 400,000 bookings. The compromised data contains guest names, phone numbers, email addresses, dates of birth, reservation IDs, stay details, and property-related information.
In several cases, the breach extended to highly sensitive data such as ID document numbers and identification details, increasing the risk of identity theft and fraud. The exposed server also contained login credentials, account identifiers, and authentication tokens, further amplifying the potential for misuse and unauthorized access.
A closer look at the affected platforms highlights the severity of the exposure. Data associated with Gastrodat reportedly includes hundreds of thousands of booking records and millions of data entries, along with millions of unique email addresses. Similarly, Chekin-related data includes hundreds of thousands of records, covering a large number of unique email addresses and ID document details.
The incident underscores the growing cybersecurity challenges facing the hospitality industry, where digital booking systems and interconnected platforms create expanded attack surfaces. Unauthorized access to such systems not only compromises operational integrity but also exposes vast volumes of customer data.
This breach also highlights the risks associated with poor data handling practices by threat actors themselves. While the data was stolen through targeted attacks, its exposure on an unprotected server significantly escalated the scale of the incident, making it accessible to anyone who could locate it online.
As cyber threats continue to evolve, the incident serves as a stark reminder for organizations to strengthen account security, monitor unauthorized access, and ensure robust protection of sensitive customer data across all digital platforms.
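The advice to monitor unauthorized access can be made concrete for the pattern described here, a valid host account scripted against a booking API to pull guest records in bulk. The following is an added example, not code from Cybernews, Chekin or Gastrodat; the log format, account names, `/api/bookings/` path and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log, hypothetical format: "ISO-timestamp account source-IP method path".
def make_sample_log():
    base = datetime(2025, 1, 1, 2, 0, 0)
    lines = []
    # A host account opening a few bookings over a couple of hours.
    for i, minute in enumerate((0, 45, 130)):
        ts = base + timedelta(minutes=minute)
        lines.append(f"{ts.isoformat()} host-17 198.51.100.7 GET /api/bookings/{500 + i}")
    # A scripted session walking reservation IDs once per second.
    for i in range(120):
        ts = base + timedelta(seconds=i)
        lines.append(f"{ts.isoformat()} host-42 203.0.113.9 GET /api/bookings/{9000 + i}")
    return lines

def parse(line):
    ts, account, ip, method, path = line.split()
    return datetime.fromisoformat(ts), account, ip, method, path

def flag_bulk_readers(lines, window=timedelta(minutes=5), max_distinct=50):
    """Return {account: peak count of distinct booking records read inside any
    sliding window} for accounts whose peak exceeds max_distinct."""
    per_account = defaultdict(list)
    for line in lines:
        ts, account, _ip, method, path = parse(line)
        if method == "GET" and path.startswith("/api/bookings/"):
            per_account[account].append((ts, path))
    flagged = {}
    for account, events in per_account.items():
        events.sort()
        start, peak = 0, 0
        for end in range(len(events)):
            # Shrink the window until it spans at most `window` of time.
            while events[end][0] - events[start][0] > window:
                start += 1
            distinct = len({p for _, p in events[start:end + 1]})
            peak = max(peak, distinct)
        if peak > max_distinct:
            flagged[account] = peak
    return flagged

if __name__ == "__main__":
    for account, peak in flag_bulk_readers(make_sample_log()).items():
        print(f"{account}: {peak} distinct booking records in 5 minutes")
```

Counting distinct records per account, rather than raw request volume, keeps a host who refreshes one booking repeatedly from being flagged while still catching a credentialed session that walks through many reservations.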



