Sensitive customer data of RedDoorz Hotel now for sale on the dark web

December 24, 2021

RedDoorz, a Singaporean hotel company, was hacked last September, and about 6 million customer records are now up for sale on the dark web.

The hotel company, formally known as Commeasure Pte. Ltd., has hotel branches throughout Southeast Asia. The company announced being attacked by a hacker on September 28 and said it only learned that day of the breach, which affected one of its IT databases. Additionally, it assured its clients that no financial information, such as credit card details and passwords, was compromised in the attack.

Although clients’ financial data was safe from the hack against RedDoorz, other sensitive information was still compromised and found on the dark web.

Security researchers revealed that the RedDoorz client information available for sale on the dark web includes members’ email addresses, names, genders, profile photos, mobile numbers, birthdays, occupations, and bcrypt-hashed passwords.

This stolen customer data, according to researchers, can be exploited for identity theft and fraud. And if any of the compromised customers used a work address in their information, it can pose threats to that organisation, such as being targeted by spear-phishing attacks to spread malware and hack into the organisation’s network.

Nevertheless, another security researcher said that the hotel company had used bcrypt, a hashing algorithm, to secure the stolen member passwords. Secure hashing algorithms such as bcrypt make it challenging for hackers to crack the passwords they steal. However, if the passwords are short and simple, they can still be cracked easily.
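The following is an added example, not code from the article or from RedDoorz, showing why a slow, salted hash does not protect a weak password: a defender auditing their own credential store finds every account whose password is on a short deny list, while a long passphrase is untouched. It uses PBKDF2-HMAC-SHA256 from Python's standard library as a stand-in for bcrypt; the account names, passwords, deny list, iteration count and 12-character minimum are all constructed assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 20_000  # constructed work factor, kept low so the demo runs quickly


def hash_password(password, iterations=ITERATIONS):
    """Salted, deliberately slow hash (PBKDF2 used here as a stand-in for bcrypt)."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"{iterations}${salt.hex()}${dk.hex()}"


def verify(password, record):
    """Recompute the hash with the stored salt and compare in constant time."""
    iterations, salt_hex, dk_hex = record.split("$")
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(),
                             bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))


DENY_LIST = ["123456", "password", "qwerty", "hotel123"]  # constructed sample


def accounts_needing_reset(store, deny_list=DENY_LIST):
    """Audit our own store: the salt and work factor slow each guess,
    but a password on a short list still falls after a handful of tries."""
    return sorted(user for user, record in store.items()
                  if any(verify(guess, record) for guess in deny_list))


def acceptable(password, deny_list=DENY_LIST, min_length=12):
    """Enrollment-time check that keeps such passwords out of the store."""
    return len(password) >= min_length and password.lower() not in deny_list


def sample_store():
    """Constructed accounts: two weak passwords and one long passphrase."""
    return {"alice": hash_password("123456"),
            "bob": hash_password("hotel123"),
            "carol": hash_password("plum-Otter-97-staircase")}


if __name__ == "__main__":
    print("force reset for:", accounts_needing_reset(sample_store()))
```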

The hotel company has not disclosed details of the data breach, which is still under investigation. It sought the help of both the Singapore Police and Singapore’s Personal Data Protection Commission in mitigating and investigating the incident.

Furthermore, the complete database of RedDoorz was stolen, which suggests that the threat actors might have taken advantage of weaknesses such as unsecured database storage or a vulnerable configuration. They might also have used web attack tactics like SQL injection. Developers unfamiliar with the best security measures can unintentionally leave database storage unsecured or a configuration vulnerable to attack.
