The Pyramid Hotel Group data leak exposes 85GB of security logs of major hotel chains

vpnMentor researches have recently discovered that hotel brands managed by The Pyramid Hotel Group have suffered a data leak.

vpnMentor experts have discovered that hotel brands managed by The Pyramid Hotel Group, including Marriott, have suffered a data leak,

vpnMentor’s research team discovered the unprotected server through port scanning to examine known IP blocks.

Researchers discovered 85.4GB of security audit logs, the exposed data also include monitoring and alerts, reported system errors, misconfiguration, policy violations, potential attempted malicious breaches, and other cybersecurity events. Unsecured data also include personally identifying information (PII) of employees.

Exposed data is date back to April 19, 2019, likely the date of the system setup or reconfiguration that is the root cause of the leak.

The unsecured server exposed audit logs generated by Wazuh, an open-source intrusion detection system used by the company.

“The Pyramid Hotel Group utilizes Wazuh – an open source intrusion detection system – on an unsecured server that is leaking information regarding their operating systems, security policies, internal networks, and application logs.” reads the post published by vpnMentor.

The Pyramid Hotel Group manages hospitality and resort properties in the US, Hawaii, the Caribbean, Ireland, and the UK, it includes locations of several brands such as Marriott, Sheraton, Plaza, Hilton Hotel and other independent hotels.

Data leaked by the company could be used by attackers to gather information about hotels’ network and security measures implemented to protect them. This information could be used by hackers in later attacks.

Below the timeline of discovery:

DATE	EVENT
5/27/19	Breach discovered by vpnMentor Research team
5/28/19	Informed PHG of breach
5/28/19	Received acknowledgement from PHG
5/29/19	Data leak closed. Problem resolved.

Recently vpnMentor experts discovered an unprotected database impacting up to 65% of US households.

If you appreciate my effort in spreading cybersecurity awareness, please vote for Security Affairs in the section “Your Vote for the Best EU Security Tweeter”

Thank you

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – Pyramid Hotel Group, data leak)

[adrotate banner=”5″]

[adrotate banner=”13″]