The vpnMentor survey team identified the data leakage of a suite of hotels including Marriott, which is managed by the The Pyramid Hotel Group. This leak seems to show server defects, which if a hacker exploits them might have allowed a future mass attack.
Η leakage this shows that it concerns 85,4GB security files and contains personal identification data of company employees until April 19 2019. This date could be some system setup or maintenance that affected it server and made it open and available to the world.
Wazuh is an intrusion detection system and is used by The Pyramid Hotel Group on a server that suffers and may allow access to the system by hackers. Access to this data enables anyone attacking the system to monitor the hotel network, collect valuable information for administrators and other users, and create the background for future attack. It also allows the attacker to see what the security team sees, learn from their system-based efforts, and adjust their attacks accordingly.
The worst case scenario, of course, is to expose this leak to hackers, hotel customers and their personal data. The information that hackers complain about is private, secret, and usually concerns a team of hotel staff who manage them.
With expertise on the subject and the necessary know-how, the vpnMentor research team examines the database to confirm its identity. After recognition, they communicate the leak to the database owner. If feasible, they are alerted who may be directly affected.
Companies can avoid such a situation by taking immediate action security measures.
The server must always be secured. Still to create and implement appropriate access rules. Finally, there should never be a system that does not require authentication open.