Helping victims claim Group Actions worldwide

Millions of customer records exposed in Prestige Software data breach

Need HELP! Let Us Call You Back...

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.

The Prestige Software data breach has led to the potential exposure of the details for millions of guest records in an online cloud database breach.

Prestige Software is reportedly one of the largest online services for hotels, operating a management system that automates bookings for companies that include Booking.com, Expedia, and Hotels.com. It transpires that guest records have been stored in an open online cloud database that can be easily accessible to the public.

If your data has been exposed as part of a data breach, you could be eligible to make a data breach compensation claim with us. We have years of experience in data breach law and currently represent claimants across over 50 multi-party and group action claims. Get in touch today to begin your claim here.

How did the Prestige Software data breach happen?

The Prestige Software data breach was discovered by Website Planet who formed a report on exactly how and what the breach entailed.

Prestige Software was reportedly discovered to have low security software for online databases being used, which stored extremely sensitive customer information. It transpires that Prestige had been using Web Services cloud database to store guest data that was not secure, and it had been using it for some seven years.

This resulted in millions of records being stored on an unsecured cloud database that was easily hackable. Website Planet said that anyone who wishes to hack into the database could do so with ease.

What was exposed in the breach?

The files exposed on the cloud database are thought to be in the region of 10 million, although Website Planet said that it is “hard to say” an exact figure. There was information on the files from as far back as 2013 and the cloud database had 180,000 records from just one month in 2020.

The Website Planet report states that individual documents revealed in the Prestige Software data breach contained:

  • Names;
  • Email addresses;
  • Telephone numbers;
  • National ID numbers;
  • Payment card data, including numbers, cardholder names, CVV numbers, and expiration dates;
  • Hotel reservation information.

This is a huge amount of data on individuals which could have serious consequences if the data has been accessed by criminals. We understand that Prestige Software is currently denying that this could happen.

Prestige Software told Verdict:

“Part of such data was made publicly visible for a very limited time without having been detected any actual access and use of the data beyond the one executed by Website Planet”.

What could I claim for as a data breach victim?

If your data has been exposed in a data breach, you could be eligible to make a compensation claim with us. It is extremely important in these situations for individuals to come forward and make a claim in order to hold an organisation to account.

Victims could make a compensation claim for the distress suffered by the loss of control of their personal data, as well as any financial losses occurred as a result of the data breach (if applicable). We know how stressful it can be when you do not know who is accessing your data, or who is using it, which is why we are here to help.

If it transpires that information has been exposed in the Prestige Software data breach more widely than what has been currently confirmed, this is something that we would take a careful look at.

IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.

Request a call back from our team

Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked * are required.

Your privacy is extremely important to us. Information on how we handle your data is in our Privacy Policy.
You have the right to object to the processing of your personal data.

First published by Matt on December 07, 2020
Posted in the following categories: Data Breach Claims Data Breach Compensation Data Group Actions Group Actions and tagged with | | |


Wisepay data breach affects over 300 school systems
Rise in anti-depressants prescriptions for children