RCI Hospitality Holdings said a data breach tied to an IDOR flaw in an IIS web server affects more than 40,000 people, exposing sensitive personal information including names, contact details, dates of birth, Social Security numbers, and driver’s license numbers. The company has notified the FBI and is cooperating with the investigation, but the attackers have not been identified. #RCIHospitalityHoldings #FBI #IIS
Keypoints
- RCI Hospitality Holdings disclosed a breach affecting more than 40,000 individuals.
- The incident involved an IDOR vulnerability in an IIS web server.
- Attackers accessed personal data of independent contractors.
- Exposed information included names, contact details, dates of birth, SSNs, and driver’s license numbers.
- The FBI has been notified, and no threat actor has claimed responsibility.
Read More: https://www.securityweek.com/nightclub-giant-rci-says-data-breach-affects-40000-individuals/