Security researchers with VPN mentor have discovered an unsecured sever exposing 85GB worth of security logs that could provide threat actors with information on weakness in the networks of 96 hotels and therefore put the properties at risk of cyberattacks.
The leaky Elasticsearch database belongs to Pyramid Hotel Group and affects several Marriott locations, Sheraton hotels, Plaza resorts, and Hilton Hotel properties, as well as various independent hotels. The server exposed several types of sensitive data, including information on the IT infrastructure of affected hotels, such as server API credentials and IP addresses; details on the cybersecurity policies of hotels; and employee names.
Read more: Unsecured database exposes 85GB in security logs of major hotel chains