Taj Hotels is facing a major setback. Personal information and data of 1.5 million guests of the group has been compromised. This data is available to but for $5000 per set on BreachForums, a dark net marketplace.
The compromised data includes names, addresses, membership IDs, dates, mobile numbers, DOBs and personally identifiable information (PII).
According to an IHCL spokesperson, “We have been made aware of someone claiming possession of a limited customer data set which is of a non-sensitive nature. The safety and security of our customers’ data is of paramount importance to us. We are investigating this claim and have notified the relevant authorities.”
BreachForums has been struck down twice in the past and is infamous for hosting such illicit data sales. The marketplace is often seen as the first preference of threat actors to post on. The threat actor who is selling data breached from Taj has been identified as ‘Dnacookies’.
As reported by CNBC-TV18, cybersecurity expert Sunny Nehra, the data available on the dark net forum is from 2014-2020, he said, “Since the data is not new, there are multiple possibilities that could have led to this breach.”
“There is a possibility that Taj’s cyber security audit hasn’t been conducted since 2020. However, the data is only being sold now by the threat actor,” Nehra further explained.