A huge security vulnerability affecting a popular hotel reservation platform has been exposing sensitive information relating to hundreds of thousands of people for bookings dating back several years, it has been revealed. The security flaw concerns a misconfigured AWS S3 bucket that stores data including names, email addresses, credit card numbers and a host of other personally identifiable information.
Spanish technology firm Prestige Software has provided hotels with access to its Cloud Hospitality management platform for a number of years now, offering a service that automates online availability across numerous booking sites.
However, a security team at Website Planet recently discovered that over 10 million individual log files, dating back to 2013, were being stored using…
Source link