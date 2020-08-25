Expert Commentary: Travel Site Exposed 37 Million Records Before Meow Attack

82 0
Dot Your Expert Comments
Facebook Twitter WhatsApp Google LinkedIn Email

RailYatri, the company behind one of India’s most popular travel booking sites exposed 43GB of customer and corporate data before it was deleted by the infamous “Meow” attacker. A team at SafetyDetectives discovered an Elasticsearch server without password protection or encryption on August 10. It failed to get a response from the company in question, government-backed travel marketplace RailYatri, but the database was eventually secured after contact was made with India’s national CERT (CERT-In). However, that was too late to save most of the information stored there: the Meow bot struck on August 12 and apparently deleted all but 1GB of the data.

Exposed in the misconfiguration were users’ full names, age, gender, physical and email addresses, mobile phone numbers, booking details, GPS location and names/first and last four digits of payment cards.

EXPERTS COMMENTS
Chris DeRamus , VP of Technology Cloud Security Practice,  Rapid7
August 25, 2020
Such a proactive approach can prevent sensitive information from being stolen or erased by malicious actors and keep customer data safe.
The MeowBot is a recent phenomenon that some theorize is the work of a vigilante trying to teach a “hard lesson in security.” There is certainly a lesson here for RailYatri and all organizations on the consequences of leaving a server exposed without password protection or encryption. When a data leak occurs, not only does the organization have to deal with the fallout of lost information, but ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments
In this article