500 Million Hotel Records Exposed: How the Massive Data Leak Impacts Your Privacy

On August 28, a screenshot circulated on social media showing that data from multiple Huazhu hotel chains was being sold on the dark web, affecting brands such as Hanting, Meijue, Xiyue, Manxin, Novotel, Mercure, CitiGo, Orange, Fullseason, Xingcheng, Ibis, Yilai, and Haiyou, with a total of 500 million records.

The leaked data includes:

Huazhu website registration information (name, phone, email, ID number, password) – 53 GB (~1.23 billion records).

Hotel check‑in identity details (name, ID number, address, birthday, internal ID) – 22.3 GB (~1.3 billion records).

Room reservation records (internal ID, room association, name, card number, phone, email, check‑in/out times, hotel ID, room number, consumption amount) – 66.2 GB (~2.4 billion records).

The data was initially priced at 8 BTC (≈ US$55,219) or 520 XMR, later reduced to 1 BTC or 65 XMR.

Huazhu has experienced similar incidents before; in 2013, Hanting Hotel suffered a breach of 20 million records, leading to lawsuits.

Risk mitigation

Given the volume and completeness of the leaked information, users should be extremely cautious.

Potential threats include:

Targeted marketing : The extensive data enables precise profiling for commercial purposes.

Impersonation scams : Fraudsters may use the data to pose as victims and request money or loans.

Privacy invasion : Full personal details and hotel stay histories are exposed, leaving individuals vulnerable.

Security recommendations

Prioritize security operations and avoid reactive measures.

Implement appropriate level‑protection compliance with relevant regulations.

Conduct regular security testing and assessments.

Perform source‑code security audits for critical business services.

Establish an enterprise security incident‑response mechanism.

Strengthen employee security‑awareness training.

Media reports suggest the breach originated from a developer mistakenly publishing database configuration files to GitHub, which were then exploited by attackers.

Article compiled from sources such as Seebug and Sina Weibo.