[tmsbrg]

Not really. In the article it says hackers are getting malware onto the hotel's computers using social engineering. That's really hard to counteract. They could steal cookies, or also just control the existing session using the malware. 2fa won't help if you're already logged in and the hacker hacks your computer.

[jacquesm]

And 'after hours' if you happen to come by the front desk it isn't all that rare to see the computers up and running but unattended because the desk clerk stepped away for a moment.

[mr_mitm]

Then why is only booking affected? Surely many of these hotels are also affiliated with hotels.com and similar portals.

[jacquesm]

Every big hospitality broker is under these kinds of attacks. Hotels.com data got exposed en-masse through one of their service providers.

[smueller1234]

Booking is the largest and thus a juicy target for both attackers and articles. Having worked there, I know that competitors had the same problems though.

[commonenemy]

you can always do geo and browser signature checks aginst sessions

[yourusername]

If you have malware on the hotel computers presumably you could make the malware make the request. You can't get too aggressive with your geo/browser checks because there are probably a lot of legitimate logins where the owner is doing some work from home or from a different location.

[commonenemy]

I mean if the malware has total control of the computer, there is nothing you can do. But if it’s just stealing cookies, then there’s already a lot of existing technologies to prevent that.