APICaller.com.au

  • Media Booth Australia previously operated an insecure web server on their now-deleted apicaller.com.au domain name. See below WHOIS Extracts.
  • Data supports a contention that Sea World Helicopters and Professional Helicopter Services granted Media Booth Australia access to their Rezdy application programming interface (API) and unlimited access to all customer helicopter flight bookings/orders and associated personal information.
  • Data supports a contention that Sea World Helicopters and Professional Helicopter Services permitted Media Booth Australia to transfer customer helicopter flight bookings/orders and associated personal information from Rezdy using the Rezdy API to a publicly accessible and insecure LiteSpeed Web Server operated by Media Booth Australia at apicaller.com.au.
  • Data supports a contention that Media Booth Australia permitted inexperienced contractors and/or employees of Media Booth Australia with no known relevant information security or privacy qualifications to access Sea World Helicopters and Professional Helicopter Services customer helicopter flight bookings/orders and associated personal information.

Screenshot: Media Booth Australia’s Publicly Accessible and Insecure Web Server leaking Sea World Helicopters’ Customer Personal Information to Public Google Cache (20 June 2022)

Redacted screenshot of publicly accessible personal information, including full name, email address, phone number and customer's weight, for Sea World Helicopters flight bookings in Google's cache. This is Google's cache of http://apicaller.com.au/apicaller.com.au/fellipe/seaworld.php. It is a snapshot of the page as it appeared on 19 June 2022 at 22:10:34 GMT.
Redacted screenshot of publicly accessible personal information, including full name, email address, phone number and customer’s weight, for Sea World Helicopters flight bookings in Google’s cache. This is Google’s cache of http://apicaller.com.au/apicaller.com.au/fellipe/seaworld.php. It is a snapshot of the page as it appeared on 19 June 2022 at 22:10:34 GMT (20 June 2022 in AEST).

Screenshots: Media Booth Australia’s Publicly Accessible and Insecure Web Server with Sea World Helicopters and Professional Helicopter Services’ Customer Personal Information (27 June 2022)

Screenshot of the publicly accessible and insecure Litespeed Web Server at apicaller.com.au controlled by Ross MEADOWS and Media Booth Australia.
Screenshot of the publicly accessible and insecure LiteSpeed Web Server at apicaller.com.au controlled by Media Booth Australia.
Screenshot of the publicly accessible and insecure Litespeed Web Server at apicaller.com.au (PHS directory) controlled by Ross MEADOWS and Media Booth Australia.
Screenshot of the publicly accessible and insecure LiteSpeed Web Server at apicaller.com.au (PHS directory) controlled by Media Booth Australia.
Screenshot of the publicly accessible and insecure Litespeed Web Server at apicaller.com.au (seaworld directory) controlled by Ross MEADOWS and Media Booth Australia.
Screenshot of the publicly accessible and insecure LiteSpeed Web Server at apicaller.com.au (seaworld directory) controlled by Media Booth Australia.
Redacted screenshot of the publicly accessible and insecure Litespeed Web Server at apicaller.com.au (seaworld/seaworld.php) controlled by Ross MEADOWS and Media Booth Australia which contains publicly accessible personal information, including full name, email address, phone number and customer's weight.
Redacted screenshot of the publicly accessible and insecure LiteSpeed Web Server at apicaller.com.au (seaworld/seaworld.php) controlled by Media Booth Australia with publicly accessible personal information, including full name, email address, phone number and customer’s weight, for Sea World Helicopters flight bookings.

WHOIS Extract: Before Media Booth Australia was notified by a victim of the Sea World Helicopters data breach

Domain Name: APICALLER.COM.AU
Status: serverRenewProhibited https://afilias.com.au/get-au/whois-status-codes#serverRenewProhibited
Status Reason: Not Currently Eligible For Renewal
Registrant Contact ID: RAM8326855315
Registrant Contact Name: Ross Meadows
Tech Contact ID: REM7911262740
Tech Contact Name: Ross Meadows
Name Server: NS1.MEDIABOOTH.COM.AU
Name Server IP: 103.2.197.34
Name Server: NS2.MEDIABOOTH.COM.AU
Name Server IP: 103.2.197.35
Name Server: NS3.MEDIABOOTH.COM.AU
Name Server IP: 103.2.197.36
Name Server: NS4.MEDIABOOTH.COM.AU
Name Server IP: 103.2.197.37
DNSSEC: unsigned
Registrant: WIRED MARKETING GROUP PTY LTD
Registrant ID: ABN 85605335886
Eligibility Type: Company

Comparison WHOIS Extract: Media Booth Australia attempting to delete their domain name after being notified by a victim of the Sea World Helicopters data breach

Domain Name: APICALLER.COM.AU
Status: pendingDelete https://afilias.com.au/get-au/whois-status-codes#pendingDelete
Status Reason: Pending Delete Restorable
Status: serverHold https://afilias.com.au/get-au/whois-status-codes#serverHold
Status Reason: Pending Delete Restorable
Status: serverRenewProhibited https://afilias.com.au/get-au/whois-status-codes#serverRenewProhibited
Status Reason: Not Currently Eligible For Renewal
Status: redemptionPeriod https://afilias.com.au/get-au/whois-status-codes#redemptionPeriod
Registrant Contact ID: RAM8326855315
Registrant Contact Name: Ross Meadows
Tech Contact ID: REM7911262740
Tech Contact Name: Ross Meadows
Name Server: NS1.MEDIABOOTH.COM.AU
Name Server IP: 103.2.197.34
Name Server: NS2.MEDIABOOTH.COM.AU
Name Server IP: 103.2.197.35
Name Server: NS3.MEDIABOOTH.COM.AU
Name Server IP: 103.2.197.36
Name Server: NS4.MEDIABOOTH.COM.AU
Name Server IP: 103.2.197.37
DNSSEC: unsigned
Registrant: WIRED MARKETING GROUP PTY LTD
Registrant ID: ABN 85605335886
Eligibility Type: Company