A hotel check-in system left more than 1 million customer passports, driver’s licenses, and selfie verification photos to the open web after a security lapse. The data is now offline after TechCrunch alerted the company responsible.
The hotel check-in system, called Tabiq, is maintained by the Japan-based tech startup Reqrea. According to its website, Tabiq is used in several hotels across Japan and relies on facial recognition and document scanning to check guests in.
Read more…
Source: TechCrunch News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- An investigation into the tools and methods used by the Higaisa group
August 19, 2024
In March 2020 specialists from the PT Expert Security Center conducted an analysis on the activities of the APT group Higaisa. This group was first studied by security analysts at Tencent in November 2019. In that analysis, Tencent specialists reached the conclusion that Higaisa has its origins in South Korea. The group, which is still active ...
- Kadokawa confirms data leak of 254,000 people due to cyberattack
August 6, 2024
Japanese publisher Kadokawa has confirmed a data leak affecting 254,241 people due to a cyberattack. The finding, announced Monday, is based on an investigation by third-party experts. Of the leaked data, information of 186,269 people was related to Kadokawa Dwango Educational Institute, including N High School, a correspondence school. Kadokawa reported the investigation results to the ...
- APT40 Advisory PRC MSS tradecraft in action
July 8, 2024
The PRC state-sponsored cyber group has previously targeted organisationsin various countries, including Australia and the United States, and the techniques highlighted below are regularly used by other PRC state-sponsored actors globally. Therefore, the authoring agencies believe the group, and similar techniquesremain a threat to their countries’ networks as well. The authoring agencies assess that this group ...
- Japan: MSDF chief may quit over widespread mishandling of secret info
July 6, 2024
Several Maritime Self-Defense Force vessels reportedly allowed unvetted personnel to handle top secret information related to national security, with the MSDF’s top uniformed officer signaling his intention to resign over the latest breach. Ryo Sakai, the MSDF’s chief of staff since 2022, is expected to quit his post and the Defense Ministry is considering disciplinary actions ...
- Japan’s space agency was hit by multiple cyberattacks, but officials say no sensitive data was taken
June 21, 2024
Japan’s space agency has suffered a series of cyberattacks since last year, but sensitive information related to rockets and satellites was not affected and it is continuing to investigate and take preventive measures, officials said Friday. Chief Cabinet Secretary Yoshimasa Hayashi acknowledged that the Japan Aerospace Exploration Agency, or JAXA, has had “a number of” cyberattacks ...
- The Updated APT Playbook: Tales from the Kimsuky threat actor group
March 20, 2024
Rapit7 team recently ran across some interesting activity that they believe is the work of the Kimsuky threat actor group, also known as Black Banshee or Thallium. Originating from North Korea and active since at least 2012, Kimsuky focuses primarily on intelligence gathering. The group is known to have targeted South Korean government entities, individuals associated with ...