Jump to content
  • Play ransomware claims attack on German hotel chain H-Hotels

    alf9872000

    • 363 views
    • 3 minutes
     Share


    • 363 views
    • 3 minutes

    The Play ransomware gang has claimed responsibility for a cyber attack on H-Hotels (h-hotels.com) that has resulted in communication outages for the company.

     

    H-Hotels is a hospitality business with 60 hotels in 50 locations across Germany, Austria, and Switzerland, offering a total capacity of 9,600 rooms.

     

    The hotel chain employs 2,500 people and is one of the largest in the DACH region, operating under 'H-Hotels' and the sub-brands Hyperion, H4 Hotels, H2 Hotels, H + Hotels, H.ostels, and H.omes.

     

    H-Hotels disclosed the cyberattack last week and stated that the security incident occurred on Sunday, December 11th, 2022.

     

    "According to the first findings of internal and external IT specialists, cybercriminals managed to break through the extensive technical and organizational protection systems of IT in a professional attack," explained the H-Hotel's security incident notice.

     

    "After the cyber attack was found, the IT systems were immediately shut down and disconnected from the Internet in order to ward off further spread."

     

    Although the attack did not impact guests' bookings, hotel staff still can't receive or answer customer requests sent via email, so it is recommended to contact H-Hotels by phone if necessary.

     

    The firm has informed the German investigative authorities of the incident and is working with an IT forensics firm to restore systems as quickly as possible. H-Hotels also states that they are ensuring they will be adequately protected against similar cyberattacks in the future.

    Data allegedly stolen in attack

    Play ransomware has claimed the attack on H-Hotels and listed the company on its Tor site today, claiming to have stolen an undisclosed amount of data during the cyberattack.

     

    The ransomware gang claims to have stolen private and personal data, including client documents, passports, IDs, and more. However, the threat actors have not released any samples to support these claims.

     

    play-ransomware.png

    H-Hotels entry on the Play ransomware Tor site (BleepingComputer)

     

    Furthermore, H-Hotels denied seeing any evidence of data exfiltration in last week’s announcement, and there has been no update on the matter since then.

     

    “As of today, the commissioned IT forensic scientists have no evidence that relevant or personal data could be stolen by the cyber attack,” reads the announcement.

     

    “Should a data outflow of personal data be determined in the course of these investigations, H-Hotels.com will inform the data subjects.”

     

    Being an EU-based company, a large-scale data leak impacting customer data would have GDPR repercussions, making the cyberattack even more damaging.

     

    For hotel guests, the potential exposure of their details and booking data can be a severe case of a privacy breach, providing information about future locations, financial information, and more.

     

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...