Data Breach Summary
InsecureWeb, a company dedicated to scanning the dark web for security breaches of clients’ companies, has detected a data breach at The Grand, a luxury hotel chain with locations around the world. The breach was posted by zxcv16 on the website Nulled on June 4, 2023. InsecureWeb immediately notified The Grand of the breach and took measures to secure their compromised data.
The website thegrand.rentals suffered a data breach, with 25.8 MB of data leaked by zxcv16. The compromised information included sensitive data such as book_id, payment_bypass, receipt_no, entry_date, owner_id, insert_by, poc_id, condo_id, book_st_dt, book_end_dt, guest_no, party_name, party_lname, party_thumb, base_guest_acc_card, email, phone, address, city, state, country, zip, description, tran_id, tran_date, tran_status, tran_message, tran_messagex, tran_arr, status, rejection_cause, rejection_detail, guest_fname_1, guest_lname_1, guest_age_1, chkin_by, chkin_time, chkin_fname, and chkin_lname.
Where and How?
The security breach was found in a Dark Web forum and was discovered by InsecureWeb while scanning the web for potential security breaches. InsecureWeb immediately notified The Grand of the breach, and the company took swift action to secure their compromised data and prevent any further unauthorized access.
A Screenshot of the data can be found below:
Company Data Breach History
This is not the first time that The Grand has suffered a data breach. In 2020, the company was also hacked, and over 100,000 customer accounts were compromised. The company had taken steps to improve their security measures, but unfortunately, they were still vulnerable.
Recommendations for Personal Data Protection
How Users Can Protect Their Information
To protect their personal information and accounts from being compromised, users should take the following steps:
– Change their passwords frequently, with a combination of letters, numbers, and symbols.
– Enable two-factor authentication whenever possible.
– Use unique passwords for each account, to prevent hackers from accessing multiple accounts with the same password.
– Be cautious of suspicious emails or messages, as they may contain phishing links that can compromise their accounts.
– Regularly monitor their accounts for any suspicious activity.
What is InsecureWeb?
InsecureWeb is a Dark Web monitoring service that keeps track of recent data breaches and tracks their impact by monitoring the darkest places of the internet. InsecureWeb notifies users and enterprises when their data has been found online and helps them mitigate the impact.