cyber Breach

aavgo

May 11, 2023 1 min read
aavgo

A security lapse at a hotel management startup Aavgo has exposed hotel bookings and guests’ personal information.

The server was open for three weeks which can easily be accessed by the use of the internet.

The database contained daily updating logs of the back-end computer system which includes personal booking data like names, email addresses, phone numbers, room types, prices, the location of the hotel and the room, and the dates and times of check-in and check-out.

There was no financial information in the database beyond the credit card issuer.

Many of the records were related to its corporate hotelier customers.

Source: https://techcrunch.com/2019/07/16/aavgo-exposed-hotel-bookings/

TPRM report: https://scoringcyber.rankiteo.com/company/aavgo

"id": "aav22452423",
"linkid": "aavgo",
"type": "Data Leak",
"date": "07/2019",
"severity": "50",
"impact": "2",
"explanation": "Attack limited on finance or reputation"
{'affected_entities': [{'customers_affected': 'Corporate hotelier customers',
                        'industry': 'Hospitality',
                        'name': 'Aavgo',
                        'type': 'Hotel Management Startup'}],
 'attack_vector': 'Unsecured Server',
 'data_breach': {'file_types_exposed': ['logs'],
                 'personally_identifiable_information': ['names',
                                                         'email addresses',
                                                         'phone numbers'],
                 'type_of_data_compromised': ['personal booking data']},
 'description': 'A security lapse at a hotel management startup Aavgo has '
                'exposed hotel bookings and guests’ personal information. The '
                'server was open for three weeks and could easily be accessed '
                'via the internet. The database contained daily updating logs '
                'of the back-end computer system which includes personal '
                'booking data like names, email addresses, phone numbers, room '
                'types, prices, the location of the hotel and the room, and '
                'the dates and times of check-in and check-out. There was no '
                'financial information in the database beyond the credit card '
                'issuer. Many of the records were related to its corporate '
                'hotelier customers.',
 'impact': {'data_compromised': ['names',
                                 'email addresses',
                                 'phone numbers',
                                 'room types',
                                 'prices',
                                 'location of the hotel and the room',
                                 'dates and times of check-in and check-out']},
 'title': 'Data Exposure at Hotel Management Startup Aavgo',
 'type': 'Data Exposure',
 'vulnerability_exploited': 'Open Server'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.