Gekko Group, a subsidiary of Accor Hotels, has suffered a major data breach that may have affected a customer base of 600,000 hotels worldwide. Gekko Group is a France-based and leading European B2B hotel booking platform that also owns several smaller hospitality brands. These include Teldar Travel & Infinite Hotel, the two brands most exposed in the database.
Led by Noam Rotem and Ran Locar, vpnMentor’s research team discovered the data breach and found the database exposed contained over 1 terabyte of data. This included data from Gekko Group brands and their clients, as well as external websites and platforms which their systems communicate with, such as Booking.com.
As Gekko Group’s brands serve very different functions, there was a huge variety in types of data the research team accessed, including:
• Hotel and transport reservations
• Credit card details
• Personally Identifiable Information (PII) of various parties
• Login credentials for client accounts on Gekko Group-owned platforms
Read original article