InfoSecBulletin Cybersecurity for mankind
Bangladeshi online market place Travela.xyz for homestays and experiences, suffered a major data breach on June 9, 2024. The leaked information, found on a dark web hacking forum, exposed the personal data of the company’s hosts.
The leaked data, which includes user information such as Host ID, First Name, Last Name, Phone Number, Email Address, Birthdate Refer Code, Total Booking, Average Response Time, Status, OS Platform, bkash MSISDN (Mobile Number), Image, and Host Status.
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
The Travela.xyz data breach serves as a powerful reminder that even emerging companies are susceptible to the ever-present dangers of the digital world.
BCSI reported, As the investigation unfolds, it becomes evident that it is crucial for both companies and users to acknowledge these risks and proactively shield their personal information. This incident serves as a wake-up call, emphasizing the dire need for steadfast cybersecurity measures. Companies must wholeheartedly prioritize the security of their users’ information by implementing rigorous protective measures, conducting regular security audits, and remaining perpetually vigilant in the face of emerging threats.
Travela was founded in 2020 to make tourism more accessible and beneficial for local economies. it’s vision is to create a world where travel is simple, safe, and enjoyable.
Travela was incorporated as a Private Limited Company at Dhanmondi in Dhaka, Bangladesh in 2020. One from travela said, they are now working Dhaka based.
As travela worked like bnb, its app must contain sensitive information. So, if the bad actor claim is legit, victimas may suffer seriously as bad actor may use or modify the info for illegal purposes. Personal information like phone numbers, email addresses, and birthdates can be used for identity theft, phishing attacks, and other harmful activities. The leak of financial details like the bkash MSISDN increases the risk, potentially resulting in financial fraud.
In recent times, hacker target many Bangladeshi gov.t and private institutions.
