Beautiful Virgin Islands

Monday, Jun 23, 2025

Hotel WiFi across MENA compromised and exposing private data

Hotel WiFi across MENA compromised and exposing private data

Cybersecurity researcher uncovers faulty system used by hotels in the Middle East surrendering personal information on millions of guests worldwide.

Pakistani cybersecurity researcher Etizaz Mohsin was in a hotel room in Qatar when he unexpectedly discovered a technical vulnerability in its internet system that exposed the private information of hundreds of hotels and millions of guests worldwide.

Mohsin told Al Jazeera he was “stunned” by what he uncovered late last year.

“I found out that there is a service running rsync [file synchronization tool], which allows me to dump the files of the device to my own computer,” Mohsin explained. “I was able to access the sensitive information of all other hotels which were using the FTP [file transfer protocol] server for backup purposes.”

From his hotel room he was able to obtain network configurations of 629 major hotels across 40 countries, and the personal information of millions of guests, including their room numbers, emails, and dates they checked in and out of the hotel.

The data included that of major hotel chains across the Middle East and North Africa region, including the Kempinski, the Millennium, Sheraton, and St Regis in Qatar, Turkey, the United Arab Emirates (UAE), Saudi Arabia, Lebanon, Egypt, Bahrain, Oman, Jordan, Kuwait and Bahrain.

The hotels all use an internet system called HSMX Gateway by British company AirAngel. Its clients are among the largest hotel brands worldwide.

This is common practice; most hotels, malls, restaurants, and cafés require people to create an account and fill their information after connecting to the internet in order to start using it. However, it is not without its risks.

“A public WiFi network is fundamentally less secure than one you use at home,” Mohsin explained. “It allows hackers to monitor and intercept data sent across the link, giving them access to sensitive information such as banking credentials and account passwords.”

The HSMX Gateway incident is similar to a vulnerability in hotel routers researchers discovered seven years ago, which affected 277 devices in hotels and convention centres in the United States, Singapore, the United Kingdom, the UAE, and 25 other countries.


‘Stakes are high’


Cybersecurity consultant Ragheb Ghandour told Al Jazeera the ease of access to this data, especially with how centralized it is among hundreds of hotels, is a huge cause for concern.

“Let’s say a spy checks into one of these listed hotels, skims through the files and finds a point of intrusion. They could modify – or mirror – the landing page for the WiFi connection and all the clients of the hotel would send their information straight to them,” Ghandour said. “The stakes are high. You could wreak havoc through the hotel.”

It is not just guests’ personal information that is at risk. Mohsin said a hacker could use the vulnerability to access the guests’ computer and mobile devices, as well as the hotel’s security footage, ventilation systems, and electronic door locks.

In fact, assassins used a vulnerability in a luxury hotel’s internet to unlock an electronic door and carry out a targeted killing in Dubai 12 years ago.

In 2010, a hit squad, reportedly members the Israeli Mossad intelligence agency, assassinated senior Hamas official Mahmoud al-Mabhouh at a luxury hotel in the Emirati city after hacking the key system to enter al-Mabhouh’s room.

AirAngel said in a statement it stopped updating its software in November 2020, and the firm encouraged clients to replace it with a new service called Captivnet. The issue with the previous service remains unfixed, however.

AirAngel added only a small number of clients have not migrated to Captivnet and still use HSMX Gateway. But more than half of the hotels Mohsin discovered compromised continue to use the service.

Of the 629 hotels Mohsin found with faulty internet protection, 378 have not switched to AirAngel’s new service, including more than 100 in the UAE, Saudi Arabia, Qatar, Lebanon, Egypt, and other countries across the MENA region, he said.

Mohsin said he hopes his findings will encourage more people to improve their digital security.

“Always a use a VPN to encrypt all your data as it travels via the network via secure tunnel,” he explained. “Alternatively, you might use mobile data [instead of WiFi] to avoid the dangers in the first place.”


Newsletter

Related Articles

Beautiful Virgin Islands
0:00
0:00
Close
Starmer Invites Innovators to Join Government Talent Scheme
UK Economy’s Strong Opening Quarter Shows Signs of Cooling
Harrods Seeks Court Order to Secure Al Fayed Estate for Victims
BA and Singapore Airlines Cancel Dubai Flights Amid Middle East Tensions
Trump Faces Backlash from MAGA Base Over Iran Strikes
Meta Bets $14 B on Alexandr Wang to Drive AI Ambitions
WATCH: Israeli forces show the aftermath of a massive airstrike at Iran's Isfahan nuclear site
FedEx Founder Fred Smith, ‘Heart and Soul’ of the Company, Dies at 80
Chinese Factories Shift Away from U.S. Amid Trump‑Era Tariffs
Pimco Seizes Opportunity in Japan’s Dislocated Bond Market
Labubu Doll Drives Pop Mart to Status as China’s Most Valuable Toy Maker
Global Coal Demand Defies Paris Accord Goals
We have new information and breaking details to share about what is shaping up to be a historic air campaign tonight
Six Massive Bombs Dropped on Fordow; Trump: 'A Historic Moment for the U.S., Israel, and the World'
Fordow: Deeply Buried Iranian Enrichment Site in U.S.–Israel Crosshairs
United States Conducts Precision Strikes on Iran’s Nuclear Sites
US strikes Iran nuclear sites, Trump says
Pakistan to nominate Trump for Nobel Peace Prize.
BBC Demands Perplexity AI Immediately Stop Using Its Content
Telegram Founder: I Will Leave My Fortune to Over 100 of My Children
Political Turmoil Resurfaces in Belgium Amid Economic Concerns
Fed policymakers divided on timing of interest rate cuts
Trump signals imminent agreement with Harvard University
Inheritance tax referendum alarms Swiss billionaire community
Japan cancels bilateral security meeting amid US defence demands
AI skeptic Emily Bender warns that ‘the emperor has no clothes’
Israel Confirms Assassination of Quds Force Commander in Tehran
16 Billion Login Credentials Leaked in Unprecedented Cybersecurity Breach
Senate hearing on who was 'really running' Biden White House kicks off
Iranian Military Officers Reportedly Seek Contact with Reza Pahlavi, Signal Intent to Defect
FBI and Senate Investigate Allegations of Chinese Plot to Influence the 2020 Election in Biden’s Favor Using Fake U.S. Driver’s Licenses
Vietnam Emerges as Luxury Yacht Destination for Ultra‑Rich
Plans to Sell Dutch Embassy in Bangkok Face Local Opposition
China's Iranian Oil Imports Face Disruption Amid Escalating Middle East Tensions
Trump's $5 Million 'Trump Card' Visa Program Draws Nearly 70,000 Applicants
DGCA Finds No Major Safety Concerns in Air India's Boeing 787 Fleet
Airlines Reroute Flights Amid Expanding Middle East Conflict Zones
Elon Musk's xAI Seeks $9.3 Billion in Funding Amid AI Expansion
Trump Demands Iran's Unconditional Surrender Amid Escalating Conflict
Israeli Airstrike Targets Iranian State TV in Central Tehran
President Trump is leaving the G7 summit early and has ordered the National Security Council to the Situation Room
Taiwan Imposes Export Ban on Chips to Huawei and SMIC
Israel has just announced plans to strike Tehran again, and in response, Trump has urged people to evacuate
Netanyahu Signals Potential Regime Change in Iran
Juncker Criticizes EU Inaction on Trump Tariffs
EU Proposes Ban on New Russian Gas Contracts
Analysts Warn Iran May Resort to Unconventional Warfare
Iranian Regime Faces Existential Threat Amid Conflict
Energy Infrastructure Becomes War Zone in Middle East
UK Home Secretary Apologizes Over Child Grooming Failures
×