US spy agency asked hacker to steal foreign diplomats’ data, journalists claim — RT World News
Unspecified US spy agency links reportedly linked to a hacker who attacked Booking.com, a hotel booking site. The attack targeted foreign diplomats in the Middle East. Customers were not notified of the attack by the company.
This is the alleged perpetrator. “Andrew,”The thieves stole “details of thousands of hotel reservations”According to NRC Handelsblad’s Wednesday report, there are 63 countries in the Middle East. It cited accusations in a book that its journalists had just published.
An employee at the joint US-Dutch firm’s Amsterdam headquarters discovered the hack by accident after coming across an unauthorized access via a poorly secured server. Andrew and his associates gained access to customers’ data and travel plans as well as unique user ID numbers (PINs).
Three former security experts and the manager of the company during the incident confirmed the hack. Enlisting US private investigators, Booking.com’s security team determined two months later that Andrew worked for a company that carried out assignments from US intelligence services. We are unable to identify the agency that was involved in this incident.
Although Booking.com alerted the Dutch intelligence agency AIVD, it apparently did not notify users or the Dutch Data Protection Authority (AP) – later justifying this decision on the grounds that it was not legally required to do so at the time. The hack predated the implementation of the EU’s General Data Protection Regulation (GDPR), which requires data leaks to be disclosed to state authorities.
However, unnamed sources revealed that the company’s IT specialists were uncomfortable with the management’s decision – based on advice from London-based law firm Hogan Lovells – to keep the breach under wraps. The company had to notify affected people under the privacy laws in force at the time. “would likely have adverse effects on the private lives of individuals.”
Claim that “no sensitive or financial information”was exposed in the leak. The company claimed in a statement that the information had been accessed by the company. “leadership at the time worked to follow the principles of the Dutch Data Protection Act.”This law required companies to send a notice. “only if there were actual adverse negative effects on the private lives of individuals, for which no evidence was detected.”
The repomassnews.comes almost exactly eight years after NSA whistleblower Edward Snowden revealed the existence of a special program called ‘Royal Concierge’ run by British spy agency GCHQ that conducted surveillance on more than 350 hotels hosting foreign diplomats and officials.
While the Snowden documents did not identify any specific reservation websites, a former Booking.com security specialist told the Dutch paper that it would be “crazy if [it] weren’t on that list.”
Share this article with friends if you enjoy it!