Owned by international hotel chain Omni Hotels & Resorts comfirmed A cyber attack last month caused the company to shut down its systems and hackers stole customers’ personal information.
After the attack, hotel guests report They were forced to check in on paper, room keys didn’t work, and all phone systems and Wi-Fi were offline.
Some patrons reported that they had to text the hotel front desk to get into their rooms and waited “more than 30 minutes for an employee to get there and unlock it.”
According to the company, employees “worked around the clock” and it took eleven days to restore the entire company’s systems.
Inevitably, more needs to be done to reduce the chance of similar attacks happening again.
As we’ve explained before on this blog, it’s crucial to know how to respond, especially in the first 48 hours after a cyberattack. The best approach is to be proactive and have contingency plans ahead of time, because it’s not a question of if your business will be hit by a ransomware attack, but when.
Be sure to read Exponential-e’s step-by-step guide on ransomware remediation.
Omni Hotels has not revealed details about the exact nature of this cyberattack in its official announcement, but it is similar to a ransomware attack. Sure enough, a ransomware group called Daixin Team claimed responsibility.
The Daxin team has been responsible for a number of high-profile attacks.They attacked AirAsia describe The airline’s infrastructure was “in disarray” and IT security was “very, very weak”.They also target the theft of personally identifiable information and Personal health information from the United States organizeand multi-billion dollar conglomerates. B&G Foods.
The gang frequently threatens to leak the material it steals.
The latest post on the ransomware group’s dark web leak website states that the Daxin team claims to have stolen the details of approximately 3.5 million Omni Hotels guests (2017 to present) and threatens to release the information soon if the hotel chain does not meet the demands. .
online report The Daixin Team ransomware gang has provided evidence that it had access to the personal details of certain Omni Hotels & Resorts customers, including names, postal and email addresses, loyalty program information and last stay, but not payment details.
According to screenshots of online negotiations between Omni Hotels and its attackers, the Dah Sing team has reduced the initial ransom demand from $3 million to $2 million, but there is no indication that the hotel chain intends to pay.
Omni Hotels has been targeted by hackers before. The chain suffered a data breach between December 2015 and June 2016 after its point-of-sale (PoS) system was deactivated. Malware infection that steals payment card details.
Exponential-e experts will host an event on 2 May 2024 at Shangri-La Hotel, The Shard, London. free registration And learn how to prepare your business for a cyberattack.
