Industry News: ESG5

Know Your Breach: Sark Technologies

Aug 8, 2019 4:29:34 PM

The target: Sark Technologies

The take: Personal information of over 43,000 customers including: names, addresses, phone numbers, email address, encrypted card numbers and cardholder data.

The attack vector: A vulnerability within an image upload function of Sark Technologies’s reservation and management software, SuperINN. This allowed attackers to insert malicious scripts to export customer data to their own pockets. In addition, the hackers also identified another pathway of attack through a vulnerability in a SQL injection, using this to further extract sensitive cardholder data.


Topics:Know Your Breach

About Castle Hall Diligence

Castle Hall helps investors build comprehensive due diligence programs across hedge fund, private equity and long only portfolios More →

Subscribe to Cyber Updates