Ibis Budget hotels in Germany were found to leak hotel room key codes through self-service check-in terminals, and a researcher behind the discovery claims the problem could potentially affect hotels around the world. It would be very easy for anyone to abuse the terminal’s security flaw without any technical knowledge or specialized tools, as it is a security flaw that can be exploited by anyone.
In actuality, an attacker can aggregate a whole lot of room keycodes in just a few minutes as long as a regular customer uses the same machine to check into their room, as long as the attacker is persistent. In addition to speaking with staff at the front desk, hotel guests can also take advantage of self-service check-in terminals. Front desk staff can be unavailable at times for guests to interact with them.
These terminals offer guests the ability to not only check into their rooms, but they can also search for information about existing bookings as well, which is what Ibis Budget is all about. Based on the company’s website, 600 Ibis Budget hotels are operating in 20 different countries around the world. This is an Ibis Budget hotel chain owned by Accor.
They believe the vulnerability likely affected other hotels as well, as they discovered in late 2023 a security flaw in the self-check-in terminal that was installed at an Ibis Budget hotel in Germany.
Ibis Budget hotel customers
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: