China Hotel Hack of Customers Data Goes on Sale on Dark Web for Less Than 10 BTC
Dark Web Manages to Steal Private Data of 130 Million Huanzhu Hotel Clients, And It’s Now for Sale for Less Than 10 BTC
The Dark Web can be a dangerous place for the everyday user, but it is a hotbed for criminal activity. As such, a recent theft of private data from Huanzhu Hotel has been made available on this area of the internet, and the price is low, considering how much content is being sold. The data was collected from over 130 million clients, and the offer was to sell it for 8 Bitcoin, or $50,592 at the time. That means that each person’s information was sold for less than a penny, which is just another demonstration of why cybersecurity needs to be stronger.
The information that Huanzhu Hotels was experiencing a data theft was originally transmitted to multiple security first in the area. The firms examined this information in hopes that the theft was just a hoax, but the information turned out to be legitimate. It included:
- Check in details, including the customer’s name, birthday, address, and ID number (130 million records, 53 gigabytes)
- Details regarding the hotel stay, including the ID number, room number, card number, mailbox, the time the customer checked in, and the consumption amount (240 million records, 66.2 gigabytes)
- Registration details via the webpage, including demographic information for potential customers like their phone number, password, and email address (123 million records, 53 gigabytes)
Based on the information provided by firms, it looks like this leak happened towards the beginning of August. This heist would coincide with the operations that software engineers took on around the same time, which involved handling sensitive data. However, this time may have been the only opportunity for the hack to be initiated.
Huanzhu Hotels Group has made a name for itself as the largest hotel chain in the entire worked. There are hotels spread over 382 Chinese cities, amounting to thousands of sites. It was only founded 13 yeas ago, and it already has managed to take a spot as one of the top 12 largest hotel groups. Their upscale economy accommodates come with high-quality services, helping each person to have their best possible stay.
When a company as big as Huanzhu demonstrates to clients that they are unable to secure their private and sensitive data, the value that it offers greatly weakens. Based on this hack, the hotel will probably take a major hit as they regain their positive reputation.
To gain more traction on the investigation, Huanzhu hired a cybersecurity firm named Zibao. In a report, Zibao theorized that the hack took place when the hotel’s software engineers were adding some of the database to a website called GitHub. They also found that there were multiple hotels in the group that were victimized – Yi, Mercure, CitiGo, Haiyo, Elan, Ibis, Styles, Hanting, Novotel, Orange, Stairway, and Grand Mercure, specifically.
Since the hack, the police force has been an active contributor to solving the issue at hand. However, very little information is available when there is an ongoing investigation, so there are some details that will probably remain unreleased to the public until an arrest has been made or more.
China has been relatively absent from the cryptocurrency world, which has been mostly because they are worrisome of the potential cybercriminals in it. Their apprehension is only added to with this case, and the government has continued to struggle against the intelligence of these criminals.
The hotel published a statement that made three issues clear in this case –
- The media coverage is doing major damage to their business, despite recent support being hired to help.
- Anyone that attempts to sell or buy their information should stop now.
- They will probably press charges on whoever is found guilty of impeding their rights or the rights of their customers.
So far, little progress has been made. However, the Chinese authorities are seeking addition help from other professionals to push this investigation further