• A threat actor is selling a huge database on the dark web
• They claim it was taken from multiple hotels in Italy
• The country’s digital transformation agency confirmed the breach

A cybercriminal has managed to break into the booking system used by numerous hotels in Italy and steal highly sensitive information on thousands of guests, experts have warned.

Recently, a threat actor with the alias mydocs took to underground hacking forums to advertise the sale of roughly 100,000 individual identity documents, including passport scans, ID cards, and more, which they claimed to have stolen it from multiple hotels across Italy.

At first, the claims were met with skepticism from the wider cybersecurity industry, however Italy’s technical agency for digital transformation, AGID, has now confirmed the authenticity of the breach.

You may like

Abusing stolen data

At least ten hotels were struck, with the number possibly increasing in the coming weeks, AGID said, hinting it had “intercepted” an illegal sale of the documents.

“This data, once stolen, can be used for fraudulent purposes: from the creation of false documents to the opening of bank accounts, up to social engineering attacks and digital identity theft, with consequences for victims that can also be serious, both from an economic and legal point of view,” AGID said in a press release (machine translated) posted on its website.

It is possible that mydocs either inflated the numbers, or managed to steal years’ worth of sensitive data, since some of the hotels compromised have just a few dozen rooms. In any case, an official investigation is now under way.

The hospitality industry, given that it handles highly sensitive data, continues to be among the most targeted ones out there. Hotels and lodging, restaurants, event planning agencies, and tourism companies, are frequent victims of ransomware, impersonation, and data theft.

{ window.reliablePageLoad.then(() => { var componentContainer = document.querySelector(“#slice-container-newsletterForm-articleInbodyContent-ECxM7DyZ7D5Rvqa6Dun9eH”); if (componentContainer) { var data = {“layout”:”inbodyContent”,”header”:”Are you a pro? Subscribe to our newsletter”,”tagline”:”Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!”,”formFooterText”:”By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.”,”successMessage”:{“body”:”Thank you for signing up. You will receive a confirmation email shortly.”},”failureMessage”:”There was a problem. Please refresh the page and try again.”,”method”:”POST”,”inputs”:[{“type”:”hidden”,”name”:”NAME”},{“type”:”email”,”name”:”MAIL”,”placeholder”:”Your Email Address”,”required”:true},{“type”:”hidden”,”name”:”NEWSLETTER_CODE”,”value”:”XTP-X”},{“type”:”hidden”,”name”:”LANG”,”value”:”EN”},{“type”:”hidden”,”name”:”SOURCE”,”value”:”60″},{“type”:”hidden”,”name”:”COUNTRY”},{“type”:”checkbox”,”name”:”CONTACT_OTHER_BRANDS”,”label”:{“text”:”Contact me with news and offers from other Future brands”}},{“type”:”checkbox”,”name”:”CONTACT_PARTNERS”,”label”:{“text”:”Receive email from us on behalf of our trusted partners or sponsors”}},{“type”:”submit”,”value”:”Sign me up”,”required”:true}],”endpoint”:”https://newsletter-subscribe.futureplc.com/v2/submission/submit”,”analytics”:[{“analyticsType”:”widgetViewed”}],”ariaLabels”:{}}; var triggerHydrate = function() { window.sliceComponents.newsletterForm.hydrate(data, componentContainer); } if (window.lazyObserveElement) { window.lazyObserveElement(componentContainer, triggerHydrate); } else { triggerHydrate(); } } }).catch(err => console.error(‘%c FTE ‘,’background: #9306F9; color: #ffffff’,’Hydration Script has failed for newsletterForm-articleInbodyContent-ECxM7DyZ7D5Rvqa6Dun9eH Slice’, err)); }).catch(err => console.error(‘%c FTE ‘,’background: #9306F9; color: #ffffff’,’Externals script failed to load’, err)); ]]>

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Victims are urged to remain vigilant with incoming communications, especially emails claiming to be coming from Italian hotels.

Via The Register

You might also like