An unknown threat actor claims to have breached Luxury Escapes, an Australian online luxury travel platform, using an SQL injection vulnerability. The attacker is selling a database containing sensitive user data, including partial credit card details and encrypted passport info. #SQLInjection #LuxuryEscapes #DataBreach #UserData #CyberThreat
Keypoints
- The breach was allegedly achieved through an SQL injection vulnerability.
- The stolen database includes data from over 62,000 users.
- Sensitive information such as partial credit card details and user trip history was compromised.
- The attacker is selling the full database, including decrypted passport information for an extra fee.
- Data privacy logs like GDPR and CCPA consents were also part of the stolen data.
Read More: https://dailydarkweb.net/luxury-escapes-data-breach-exposes-user-and-payment-data/