Mondee data leak of sensitive customer data via exposed database
Travel company Mondee leaked sensitive customer information through an exposed database.
The breach was discovered by a security researcher focusing on finding inadvertently exposed data on the internet. The discovered database was reported to Mondee.
The database was accessible without a password, meaning anyone with its IP address could access the sensitive data using a web browser. The database was also accessible through an easily guessable subdomain of a Mondee subsidiary's website, further increasing the risk of unauthorized access.
The exposed database was sizable, hosting over 1.7 terabytes of data at the time it was discovered. It contained customers' personal details, including:
- names,
- gender,
- dates of birth,
- home addresses,
- flight information,
- passport numbers,
- passenger name records (PNRs), including ticket and booking details,
- credit card numbers and expiry dates.
The database was first noticed as exposed in late July through a listing on Shodan, a search engine that crawls the web for exposed servers and databases. The exact circumstances of how the database became publicly accessible are not known, but such incidents are often the result of misconfigurations caused by human error.
It remains uncertain who else discovered the exposed database while it was accessible from the internet.
Mondee did not acknowledge the breach or provide any comment. However, the exposed database became inaccessible shortly after. As of now, it is also unknown whether Mondee plans to notify affected customers about this significant data exposure.