Security News
On Wednesday, cybercriminals posted the information of more than 10 million MGM Hotel customers on a hacker forum, exposing their personal data to thousands of criminals nearly a year after the initial breach. In a statement to ZDNet, an MGM spokesperson said: "Last summer, we discovered unauthorized access to a cloud server that contained a limited amount of information for certain previous guests of MGM Resorts. We are confident that no financial, payment card or password data was involved in this matter." The hackers dumped the personal details-which include full names, home addresses, phone numbers, emails and dates of birth-for 10,683,188 former hotel guests, including Justin Beiber and Twitter CEO Jack Dorsey.
The personal data of 10,683,188 MGM hotel guests that leaked sometime in or before 2017 was posted for sale on the Dark Web this week, ZDNet reports. ZDNet called hotel guests whose details were included in the data dump and found that, while some of the phone numbers had been disconnected, many were still valid, as "The right person answered the phone."
Casino and hotel chain MGM Resorts lost almost 10.7 million guest records last summer, including the data of Jack Dorsey and Justin Bieber, which was duly posted to hacker forums. According to soon-to-be-launched leak tracker Under the Breach, which spotted the post this week, the records included email addresses along with names, phone numbers, addresses and dates of birth.
From hacking hotel room robots to crackdowns on stalkerware apps, Threatpost editors break down this week's top news stories.
Japan's Henn na Hotel says it's "modified" the bots so pervs can't exploit the ability to run unsigned code and spy on future guests.
An unsecured NFC tag opens a door to trivial exploitation of robots inside Japanese hotels.
Leaked travel details revealed US military personnel and trips A security team for review site vpnMentor, led by Israeli researchers Noam Rotem and Ran Locar, recently found a publicly accessible...
Can we at least turn the thing around before we... y'know? Japanese hotel chain HIS Group has apologised for ignoring warnings that its in-room robots were hackable to allow pervs to remotely view...
A Magecart threat actor has compromised the websites of two hotel chains to inject scripts targeting Android and iOS users, Trend Micro’s security researchers warn. read more
Spec design flaw stiffs security of gizmos Roundup Let's run through all the bits and bytes of security news beyond what we've already covered. Also, don't forget our articles from this year's...