cyber Ransomware

Choice Hotels International

May 11, 2023 1 min read
Choice Hotels International

Choice Hotels targeted by the ransomware attach that exposed 700,000 customer records was apparently stole by hackers including names, addresses, email addresses, and/or phone numbers.

Using the personal information contained in the exposed database, scammers can craft targeted phishing emails.

The company says the data was hosted on a vendor’s server, and no Choice Hotels servers were accessed.

Diachenko promptly alerted the organization to the exposed MongoDB instance, but it seems malevolent parties were the ones to access it first.

They left a ransom note demanding 0.4 Bitcoin, or $3,856 as of time of writing.

Source: https://www.comparitech.com/blog/vpn-privacy/choice-hotels-data-leak/

TPRM report: https://scoringcyber.rankiteo.com/company/choice-hotels-international

"id": "cho0593423",
"linkid": "choice-hotels-international",
"type": "Ransomware",
"date": "08/2019",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': 700000,
                        'industry': 'Hospitality',
                        'name': 'Choice Hotels',
                        'type': 'Hospitality'}],
 'attack_vector': 'Exposed MongoDB Instance',
 'data_breach': {'data_exfiltration': True,
                 'number_of_records_exposed': 700000,
                 'personally_identifiable_information': True,
                 'sensitivity_of_data': 'Medium',
                 'type_of_data_compromised': ['Names',
                                              'Addresses',
                                              'Email Addresses',
                                              'Phone Numbers']},
 'description': 'Choice Hotels was targeted by a ransomware attack that '
                'exposed 700,000 customer records including names, addresses, '
                'email addresses, and/or phone numbers. The data was hosted on '
                'a vendor’s server, and no Choice Hotels servers were '
                'accessed. Hackers left a ransom note demanding 0.4 Bitcoin, '
                'or $3,856.',
 'impact': {'data_compromised': 'Customer Records',
            'identity_theft_risk': 'High',
            'systems_affected': 'Vendor’s Server'},
 'initial_access_broker': {'entry_point': 'Exposed MongoDB Instance'},
 'motivation': 'Financial Gain',
 'ransomware': {'data_exfiltration': True, 'ransom_demanded': 0.4},
 'title': 'Choice Hotels Ransomware Attack',
 'type': 'Ransomware Attack',
 'vulnerability_exploited': 'Exposed Database'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.