Travel booking sites seized in Israel after a data breach incident

July 6, 2022
Travel Booking Website Seizure Israel Data Breach Cyberattack Incident Gol Tours Cybersecurity

Israel’s Privacy Protection Authority recently seized the web servers of travel booking sites in the country after the agency confirmed that the operators of these sites had not addressed some cybersecurity issues that affected hundreds of thousands of their clients.

As per recent reports, about ten websites hosted by an Israel-based booking firm Gol Tours LTD, were shut down due to a cybersecurity issue that compromised over 300,000 individuals to a data breach, losing their sensitive information to hackers such as their details and credit card data.

 

The cyberattack against Gol Tours’ travel booking sites was believed to be the doing of an Israeli threat group Sharp Boys.

 

After the data breach was detected, the security agency immediately reached out to Gol Tours to take action about the incident and highlighted that if they failed to report the security breach or did not cooperate with the proper protocols, they would be forced to disrupt the involved company’s operations.

It was the first time that Israel’s Privacy Protection Authority had seized the servers of an Israeli company due to failure to cooperate with a cyberattack incident. However, following the seizure of their travel booking sites, Gol Tours clarified that the threat actors were only able to steal names and contact details and denied the accusations of not cooperating with the security agency about taking action with the security breach.

Moreover, the booking firm added that the agency had sent them a faulty document and was unresponsive to their messages.

The culprit of the attack, Sharp Boys, claimed to be an independent hacking group and revealed stealing Gol Tours’ databases that contained clients’ names, contact details, email addresses, banking data, passport numbers, and travel history information. The threat group also leaked 300,000 worth of customer data a few days after their announcement.

To add more proof, Sharp Boys also published a screenshot showing remote desktop access to Gol Tours’ hosted domain sites. Security researchers performed a verification check on these domains and found that the booking firm indeed operated them.

About the author

Leave a Reply