Mondee security lapse exposed flight itineraries and unencrypted credit card numbers
Reading Time: < 1 minutesTravel giant Mondee has secured an exposed database that was spilling sensitive customer information, including detailed flight and hotel itineraries and unencrypted credit card numbers.
Much of the data appears to relate to Mondee subsidiary TripPro, a travel agent platform used by tens of thousands of booking agents and travel startups allowing self-service flight ticketing and hotel booking.
The database also contained non-customer testing data generated by Mondee developers.
The database was first spotted as exposed in late-July, according to a listing on Shodan, a search engine that crawls the web for exposed servers and databases. The circumstances of how the database became publicly accessible are not known, though database exposures are often misconfigurations caused by human error.
Mondee did not say if it plans to notify affected customers of this data exposure.
- Call of Duty worm malware used to hack players exploits years-old bug
- Researchers claim US-registered cloud host facilitated state-backed cyberattacks
- U.S. government contractor says MOVEit hackers accessed health data of ‘at least’ 8 million
- Ivanti rushes to patch zero-day used to breach Norway’s government
Reference: https://techcrunch.com/2023/08/02/mondee-data-exposed-credit-cards-flight-itineraries/
Ref: techcrunch
MediaDownloader.net -> Free Online Video Downloader, Download Any Video From YouTube, VK, Vimeo, Twitter, Twitch, Tumblr, Tiktok, Telegram, TED, Streamable, Soundcloud, Snapchat, Share, Rumble, Reddit, PuhuTV, Pinterest, Periscope, Ok.ru, MxTakatak, Mixcloud, Mashable, LinkedIn, Likee, Kwai, Izlesene, Instagram, Imgur, IMDB, Ifunny, Gaana, Flickr, Febspot, Facebook, ESPN, Douyin, Dailymotion, Buzzfeed, BluTV, Blogger, Bitchute, Bilibili, Bandcamp, Akıllı, 9GAG