U.S. Government, Military Personnel Data Leaked By Autoclerk

A leaky database owned by reservations management system Autoclerk has exposed the personal data and travel information for thousands of users – including U.S. government and military personnel.

Autoclerk, which was acquired by the Best Western Hotel and Resorts Group in August, provides reservation management software for hotels, accommodation providers, travel agencies and more. Researchers with vpnMentor on Monday said that they discovered an Elasticsearch database, owned by Autoclerk, exposed online that contained over 100,000 booking reservations for travelers.

“The database was hosted by Amazon Web Servers in the USA, containing over 179GB of data,” Noam Rotem and Ran Locar, researchers with vpnMentor, said in a Monday post. “Much of the data exposed originated from external travel and hospitality platforms using the database owner’s platform to interact with one another. The client platforms affected include property management systems (PMS), booking engines, and data services within the tourism and hospitality industries.”

Read more at ThreatPost

Homeland Security Today

The Government Technology & Services Coalition's Homeland Security Today (HSToday) is the premier news and information resource for the homeland security community, dedicated to elevating the discussions and insights that can support a safe and secure nation. A non-profit magazine and media platform, HSToday provides readers with the whole story, placing facts and comments in context to inform debate and drive realistic solutions to some of the nation’s most vexing security challenges.

See Full Bio