cyber Breach

Gekko Group

May 11, 2023 1 min read
Gekko Group

A vulnerable Elasticsearch database used by Gekko Group allowed the leak of over 1 TB of information about its clients, partners, and customers, putting those people at risk of financial crime, identity theft, and account takeover.

The largest hotel chain in Europe's subsidiary is reported to have 600,000 hotels on its clientele list, according to the leaked data.

The information itself was gathered from a number of different Gekko Group companies as well as the booking websites and travel agencies with which they do business.

Reservation information, such as complete names and addresses, as well as invoices including payment information for both travel agencies and their clients were among the data that were exposed.

Source: https://www.infosecurity-magazine.com/news/french-hotel-giant-leaks-1tb-of/

TPRM report: https://scoringcyber.rankiteo.com/company/gekko-management-gekko-group

"id": "gek1271523",
"linkid": "gekko-management-gekko-group",
"type": "Data Leak",
"date": "11/2019",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'industry': 'Travel and Hospitality',
                        'name': 'Gekko Group',
                        'type': 'Company'},
                       {'industry': 'Hospitality',
                        'name': "Largest hotel chain in Europe's subsidiary",
                        'size': '600,000 hotels',
                        'type': 'Company'},
                       {'industry': 'Travel',
                        'name': 'Booking websites and travel agencies',
                        'type': 'Company'}],
 'attack_vector': 'Vulnerable Elasticsearch Database',
 'data_breach': {'personally_identifiable_information': 'Yes',
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Reservation information',
                                              'Complete names and addresses',
                                              'Invoices including payment '
                                              'information']},
 'description': 'A vulnerable Elasticsearch database used by Gekko Group '
                'allowed the leak of over 1 TB of information about its '
                'clients, partners, and customers, putting those people at '
                'risk of financial crime, identity theft, and account '
                'takeover.',
 'impact': {'data_compromised': ['Reservation information',
                                 'Complete names and addresses',
                                 'Invoices including payment information'],
            'identity_theft_risk': 'High',
            'payment_information_risk': 'High'},
 'title': 'Gekko Group Data Leak',
 'type': 'Data Leak',
 'vulnerability_exploited': 'Misconfigured Elasticsearch Database'}
Published by
Roshni Ray
Roshni Ray
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.