FairBridge Inn & Suites left an unprotected database online for an undetermined amount of time, according to a researcher. The database contained approximately 8.1 million Nginx log records, according to Jeremiah Fowler, director of security research at SecurityDiscovery.com. Most of these entries have little to no value for malicious actors, but, unfortunately, 150,000 were customer profiles, said Fowler, who discovered the issue on Dec. 11.
“A vast majority of the records were Nginx logs and some contained hotel guest data,” Fowler said. “Nginx writes records of its events in two types of logs: access logs and error logs. Access logs write information about client requests, and error logs write information about the server and application issues.”
After Fowler located the information that linked the database to its owner, he contacted the company to apprise it of the problem. A representative of FairBridge Inn & Suites confirmed the ownership and secured the database immediately.
It is unclear how long the data was exposed or who else may have had access to the publicly exposed database. It is also unclear if customers or partners have been notified of the exposure.
In detail, SecurityDiscovery.com discussed:
- The estimated 8.1 million Nginx log records that were exposed.
- Customer emails, reservation numbers, customer internet protocol and location data, employee ID and additional records that should not be exposed online.
- The estimated 150,000 customers affected.
- IP addresses, ports, pathways and storage info that cybercriminals could exploit to gain deeper access to the network.