After suffering a data breach in September, a threat actor is selling a RedDoorz database containing 5.8 million user records on a hacker forum.
RedDoorz is a Singapore-based hotel management & booking platform with over 1,000 properties across Southeast Asia. Using the website or mobile app, users can register an account to browser available budget hotels and book a reservation.
At the end of September 2020, RedDoorz disclosed that they suffered a data breach after an unauthorized person accessed one of their databases. At the time, though, no RedDoorz financial information or passwords were exposed “to the best of its knowledge.”
This week a threat actor began selling a database containing 5.8 million user records that were stolen during RedDoorz’s data breach.
Also Read: The PDPA Data Breach August 2020: A Recap of 8 Alarming Cases
As part of the sale, the threat actor shared a database sample, including the table structure and records for 587 users. These records allow us to see what was exposed during the RedDoorz breach.
For each user records in the database, a RedDoorz member’s email, bcrypt hashed passwords, full name, gender, link to profile photo, phone number, secondary phone number, date of birth, and occupation is exposed.
For numerous user records in the samples, BleepingComputer has confirmed that the listed email addresses and phone numbers are correct for the particular user.
While this data breach exposed far more sensitive data than initially stated by RedDoorz, it does not contain any financial information.
To be safe, if you are a RedDoorz user, you should immediately change your password.
Also Read: What is Pentest Report? Here’s A Walk-through
If you use the same password at other sites, you should also change the password at those sites to a unique and strong one for that site.
Using unique passwords at every site you have an account prevents a data breach at one site from affecting you at other websites you use.
It is suggested that you use a password manager to help you keep track of unique and robust passwords at every site.
Importance of Efficient Access Controls that every Organisation in Singapore should take note of. Enhancing…
Prioritizing Security Measures When Launching a Webpage That Every Organisation in Singapore should take note…
Importance of Regularly Changing Passwords for Enhance Online Security that every Organisation in Singapore should…
Comprehensive Approach to Data Protection and Operational Integrity that every Organsiation in Singapore should know…
Here's the importance of Pre-Launch Testing in IT Systems Implementation for Organisations in Singapore. The…
Understanding Liability in IT Vendor Relationships that every Organisation in Singapore should look at. Understanding…
This website uses cookies.
