Choice Hotels targeted by the ransomware attach that exposed 700,000 customer records was apparently stole by hackers including names, addresses, email addresses, and/or phone numbers.
Using the personal information contained in the exposed database, scammers can craft targeted phishing emails.
The company says the data was hosted on a vendor’s server, and no Choice Hotels servers were accessed.
Diachenko promptly alerted the organization to the exposed MongoDB instance, but it seems malevolent parties were the ones to access it first.
They left a ransom note demanding 0.4 Bitcoin, or $3,856 as of time of writing.
Source: https://www.comparitech.com/blog/vpn-privacy/choice-hotels-data-leak/
"id": "CHO0593423",
"linkid": "choice-hotels-international",
"type": "Ransomware",
"date": "08/2019",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"