Choice Hotels; Another Victim to Yet Another Ransomware Attack

Choice Hotels recently suffered a ransomware attack and 700,000 records were stolen with hackers demanding payments for their return.

Findings

An unsecured database was found by a researcher containing data belonging to the hotel franchise on July 2 2019. The MongoDB database was publically accessible with no password or authentication, leaving a roundabout of 5.6 million records exposed.

According to Choice Hotels, the bulk of the records were only test information, including payment cards, passwords and reservation fields. However, 700,000 records were genuine and contained information on guests such as names, emails and contact numbers.

Upon investigating the database, a ransom note was found, claiming that 700,000 records had been stolen. The ransom demanded 0.4 bitcoin, which is approximately $4,000.

Access to the database was closed off on July 2 and it appears the system was exposed for a total of four days. Choice Hotels say the database was operated by a partner vendor and no internal Choice Hotels server were accessed.

The database was then secured but no further action was taken. Choice Hotels said in a statement that they are discussing the matter with the vendor and will not be working with them in the future.

This statement shows the lack of trust the hotel has on the vendor and with good reason. If the vendor had provided a good security for the database, all of the records would have been easily recovered and the current situation would’ve been avoided.

How should companies prepare for such attacks?

Companies need to prepare for anything and by anything I mean ANYTHING. Cyber-attacks are getting very common and there must be a proper plan in place. Only a well planned and executed backup and recovery plan can ensure data is not lost and easily recovered. Solutions such as StoneFly’s CDR365, DR365 & DR365V (Veeam backup & replication software) can ensure protection and backup for critical data.

3–2–1 Rule

The best bet to ensure security and recoverability is the 3–2–1 data protection rule. According to this rule, there should be; three copies of data, stored on two types of storage media with one offsite copy (at least). It delivers a complete data protection and reduces the chances of data loss greatly.

What makes Stonefly better than other Vendors

Stonefly offers efficient storage, backup and disaster recovery solutions. Stonefly CDR365 is a simple to use, easy to manage online backup solution. It has a user friendly interface with powerful functionality. With advanced features that detect ransomware and block it from accessing backup data, it ensures ransomware protection for business data. It is best suited for small and Medium Size Business.

Another solution is Stonefly’s DR365, it is a purpose built backup and disaster recovery solution and ransomware protection for large scale businesses. Equipped with AES 256-bit encryption and SSL/TLS tunneling which ensures enterprise data is fully protected from cyber threats (like ransomware).

It delivers cloud connect services enabling enterprise IT environments to setup an efficient hybrid backup solution that backs up data in Microsoft Azure, AWS cloud and other similar public clouds; or to StoneFly’s private cloud). With data services such as snapshots and replication, users can ensure that they always have a way to recover from threats like ransomware without paying any ransom. Low to little restoration time ensures businesses to restore their mission critical workloads within seconds; effectively reducing downtime and delivering Reduced Recovery Time Objectives (RTOs) and Recovery Point Objectives (RPOs).

Conclusion

Choice Hotels are the latest victim to these ever increasing ransomware attacks. Cyber-attacks are a deadly threat and businesses can leave themselves vulnerable to these threats without a proper backup and recovery solution. By configuring the 3–2–1 rule businesses can make sure that their critical data is always recoverable and protected from ransomware attacks.

Stonefly offers a wide range of enterprise grade data protection solutions that can facilitate businesses to protect their critical data from cyber-attacks like ransomware and many others and it return be worry free in an event of a cyber-attack.