- A threat actor is selling a large database on the dark website
- They claim that it was taken from multiple hotels in Italy.
- The country’s digital transformation agency confirmed the violation
A cybercriminal has managed to enter the reserve system used by numerous hotels in Italy and steal highly confidential information about thousands of guests, experts warned.
Recently, an actor of threats with the alias MyDOCs led the underground piracy forums to announce the sale of approximately 100,000 individual identity documents, including passport explorations, identification cards and more, which claimed to have stolen it with multiple hotels in Italy.
At first, the statements were skepticism of the broader cyber security industry, however, Italy’s technical agency for digital transformation, Agid, has now confirmed the authenticity of rape.
Abuse stolen data
At least ten hotels were beaten, and the number possibly increased in the coming weeks, Agid said, insinuating that he had “intercepted” an illegal sale of the documents.
“These data, once stolen, can be used for fraudulent purposes: from the creation of false documents to the opening of bank accounts, to social engineering attacks and the theft of digital identity, with consequences for victims that can also be serious, both from an economic and legal point of view,” Agid said in a press release (transmitted machine) published on his website.
Mydocs may inflate the numbers or have managed to steal confidential data from years, since some of the compromised hotels have only a few dozen rooms. In any case, an official investigation is now underway.
The hospitality industry, since it handles highly sensitive data, is still among the most specific ones. Hotels and accommodation, restaurants, event planning agencies and tourism companies are frequent ransomware, supplantation and data theft.
Victims are urged to remain attentive to incoming communications, especially emails that claim that they come from Italian hotels.
Through The registration
