Breach: Unsecured Mongo database exposes 700,000 Choice Hotels

Choice Hotel’s vendor had left open an unsecured MongoDB connection to a database containing 700,000 guests information including Full names, Addresses, Phone numbers and Email addresses. The hotel chain includes brands Comfort, Sleep Inn, Quality Inn, Clarion, Econo Lodge, Rodeway Inn and many more. As with yesterday’s Biostar 2 Breach, developers didn’t consider the http access of an open source tool in their security plan.

Unfortunately, before data analysts discovered the breach, a hacker had found and moved the data and was holding it ransom for 0.4 Bitcoin, or $3,856 as of time of writing.

Whether the hacker was a real person who really backed up the data to hold it hostage or a bot that simply deletes the data and leaves a ransom note is anyone’s guess, but this underscores the ongoing problem with not treating tools as part of your secure data infrastructure. As with the Elasticsearch  breach at Biostar, this can be solved with a simple API gateway that can add some level of attestation and access control such as running MicroPerimeter™ Edge in standalone gateway mode.

Here are some more details from news on the web:

700,000 Choice Hotels records leaked in data breach, ransom demanded
https://www.zdnet.com/article/700000-choice-hotels-records-leaked-in-data-breach/

comparitech Report: 700k Choice Hotels customer records leaked
https://www.comparitech.com/blog/vpn-privacy/choice-hotels-data-leak/

Choice Hotels Breach: Hackers Leave Ransom Note For 700K Records
https://www.infosecurity-magazine.com/news/choice-hotels-breach-hackers/