I guess this means that a Chinese government system was hacked?
Chinese hotel chain warns of massive customer data theft
China’s largest hotel chain is investigating an apparent data theft that is said to involve as many as half a billion pieces of information. The Xinhua state news agency says Shanghai Police are investigating what looks to be a credible post on a darknet site advertising the sale of nearly 500 million pieces of data reportedly …
COMMENTS
-
Thursday 30th August 2018 00:46 GMT Anonymous Coward
GDPR
Has to be some European Travelers in that 150m guest list. I might be one... The Chinese won't like being told to pay up either. It raises the larger question though, of when will firms stop hoarding data that they don't really need but think might be useful to monetize someday.
A CloudFog warning is needed here too. Juicy data needs tighter controls. If its sitting in a data locker next to some other data its just far too easy for someone to upload it all to the Cloud. You could fly Air-Canada and stay in a Huazhu hotel this week and be really screwed over!
-
Thursday 30th August 2018 18:12 GMT Anonymous Coward
'will firms stop hoarding data they don't need'
Its at the point now, that Firms just can't be trusted to KEEP any user data anymore, because they simply can't!!! There's no magic seal. Everything can be exposed / leaked / breached / hacked given enough time and resources by adversaries, or greed, cost cutting and stupidity by internal or outsourced staff.
Cloud migration is a bad joke and total LIE regarding data protection. Cloud bonuses all round today. But the sad reality is, future staff must deal with the fallout of protecting user data. Which will be protected to the highest standards of the-only-real-thing protecting anyone's data: Layers of PR BULLSHIT...
-
-
-
-
Friday 31st August 2018 02:52 GMT Anonymous Coward
"Real culprit here is the hotel group for holding onto data long after it was needed."
Nope. Under China's cybersecurity laws, hotels are obliged to keep information about guests.
In another word, Real culprit is China, for wanting control over personal information and removing encryption.
-
Thursday 30th August 2018 08:50 GMT Anonymous Coward
Inside job / 8 bitcoin per record
Alternatively the data - or rather the *bulk* data doesn't exist, and someone is chancing that companies will pay up "just to be sure" ?
During the IRAs mainland campaign, more than one smartarse had the idea of pretending they'd planted a bomb, and demanding a few quid from the targeted store not to trigger a (very costly) evacuation. Bearing in mind any losses due to having to shut on a busy Saturday aren't recoverable from insurance, £1,000 or so may seem a reasonable fee.