From a heavy data leak in a Dutch ticket service provider for zoos and amusement parks are also around 400.000 Visitors to the capital-zoos affected. The Berlin Zoological Garden have their visitors registered on the Internet on Friday over one "Data theft" informed at your Dutch partner ticketCounter. Among other things, it deals with data from gastes between the 28. April and the 5. August 2020 bookings had tailored to the respective online shops.
Hundreds of thousands of guests affected
"Unfortunately, your data is also affected", Quotes the daily mirror from the message of the zoo operators to the users of their card distribution on the Internet. "Please be ared that we put all the levers in motion, so that such events are not again repeated. Finally, the security of your data has our highest priority."
On Wednesday, Zoo and Tierpark Berlin had informed that personnel data of around 400.Migrated 000 guests in the net. It is "Highly likely to information about name, e-mail address and details of the booked products". The transfer of passwords, telephone numbers, address or birth data KONNE "definitely be excluded", Since these were not queried in the registration process of the current online shops.
The Zoological Garden of the capital Bahnen to caution and recommend as a precaution, password to change, "If these are easy to derive from the name and e-mail address". Zoo and animal park director Andreas Knieriem stressed: "We have informed about the existing privacy tools in Germany immediately via the incident, when ticketCounter has informed us about the data theft." The leak has been resolved, so that the further operation of the online shops is nothing in the way. The ticketing system will be replaced in April, the cooperation with ticketcounter then finished.
A lot more affected overall
About the data leak had first the portal Bleeping computer reported. Thus, a user database with 1.9 million different e-mail addresses have been lost at ticketcounters with 1.9 million different e-mail addresses. Parts have also been phone numbers, IP addresses, birth data, bank accounts and gashed passwords have been included. TicketCounter boss Sjoerd Bakker confirmed the incident. He explained that the company had transferred the database to a server of the Microsoft Cloud Service Azure to a "Anonymization procedure" to test. In the way, the directory has not been adequately secured.
The database should according to the report on 21. February at short notice in a hacker forum for sale. But you have already found a customer in parallel but already on a private way. Bakker explained, from the Cybergauner on 22. February has been erupted. This has seven bitcoin (around 285.000 Euro) requires so that the data was not lacted. TicketCounter did not pay, but immediately informed all the partners about the incident.
The attacker made the database freely available after a hacker forum. She was also provided to the HAVE I Been Pwned service and thereby maintained where users can inform them about whether their e-mail addresses and other information is affected by a data leak.
Not only Berlin zoos
At the partners of TicketCounter belonged to Zoos enjoyment parks, museums and other recreational facilities. Data from dozen companies have been included in the backup, awareness of Bakker. Passwords were not completed, ames the company. Also the Kolner Zoo, who after the Lockdown on the 12th. To open Marz again, uses the service provider for online sales. A spokesman explained opposite to our site, ticketcounter has confirmed the operation that it was not affected by the leak.