- A threat actor is selling a huge database on the dark web
- They claim it was taken from multiple hotels in Italy
- The country’s digital transformation agency confirmed the breach
A cybercriminal has managed to break into the booking system used by numerous hotels in Italy and steal highly sensitive information on thousands of guests, experts have warned.
Recently, a threat actor with the alias mydocs took to underground hacking forums to advertise the sale of roughly 100,000 individual identity documents, including passport scans, ID cards, and more, which they claimed to have stolen it from multiple hotels across Italy.
At first, the claims were met with skepticism from the wider cybersecurity industry, however Italy’s technical agency for digital transformation, AGID, has now confirmed the authenticity of the breach.
Abusing stolen data
At least ten hotels were struck, with the number possibly increasing in the coming weeks, AGID said, hinting it had “intercepted” an illegal sale of the documents.
“This data, once stolen, can be used for fraudulent purposes: from the creation of false documents to the opening of bank accounts, up to social engineering attacks and digital identity theft, with consequences for victims that can also be serious, both from an economic and legal point of view,” AGID said in a press release (machine translated) posted on its website.
It is possible that mydocs either inflated the numbers, or managed to steal years’ worth of sensitive data, since some of the hotels compromised have just a few dozen rooms. In any case, an official investigation is now under way.
The hospitality industry, given that it handles highly sensitive data, continues to be among the most targeted ones out there. Hotels and lodging, restaurants, event planning agencies, and tourism companies, are frequent victims of ransomware, impersonation, and data theft.
Victims are urged to remain vigilant with incoming communications, especially emails claiming to be coming from Italian hotels.
Via The Register
