Cyberattack on German Hotel Company H-Hotels Claimed by Play Ransomware

Cyberattack on German Hotel Company H-Hotels Claimed by Play Ransomware

Hotels (h-hotels.com) communications have been disrupted due to a cyberattack blamed on the Play ransomware group. The hospitality group H-Hotels operates 60 hotels in 50 different cities in Germany, Austria, and Switzerland, with a total of 9,600 rooms.

With 2,500 employees and operating under the H-Hotels brand as well as the sub-brands Hyperion, H2 Hotels, H4 Hotels, H + Hotels, H.ostels, and H.omes, the hotel chain is one of the biggest in the DACH area. H-Hotels revealed the cyberattack last week and said the security issue happened on December 11, 2022.

“According to the first findings of internal and external IT specialists, cybercriminals managed to break through the extensive technical and organizational protection systems of IT in a professional attack,” as per the H-Hotel’s security incident notice. “After the cyber attack was found, the IT systems were immediately shut down and disconnected from the Internet in order to ward off further spread.”

Although the cyberattack did not affect reservations made by visitors, hotel employees are currently unable to accept or respond to email inquiries from clients. Thus, it is advised to contact H-Hotels if required. The company is collaborating with an IT forensics company to restore systems as soon as feasible and has alerted the German investigation authorities of the issue. H-Hotels also claims that they are taking steps to ensure that they will be sufficiently safeguarded against future intrusions of a similar nature.

The H-Hotels intrusion has been claimed by Play ransomware, which has listed the business on its Tor website and claims to have stolen an unspecified amount of data. The ransomware group alleges to have stolen customer records, passports, IDs, and other sensitive and personal information. However, threat actors haven’t provided any samples to back up their allegations. Moreover, H-Hotels refuted finding any proof of data exfiltration in the release made last week, and there hasn’t been any new information on the subject since then.

According to the announcement, there is currently no proof that the cyberattack may have obtained any critical or sensitive data. H-Hotels.com shall notify the data subjects if a data outflow of personal information is found during these investigations.

Given that the business is situated in the EU, GDPR ramifications from a significant data leak that affects consumer data would make the intrusion considerably more devastating. A severe privacy breach for hotel customers might result from the disclosure of their personal information and booking data, which could reveal information about upcoming travel plans, financial data, and more.

About the author

CIM Team

CIM Team

CyberIntelMag is the trusted authority in cybersecurity, comprised of leading industry experts for over 20 years, dedicated to serving cybersecurity professionals. Our goal is to provide a one-stop shop for knowledge and insight needed to navigate throughout today’s emerging cybersecurity landscape through in-depth coverage of breaking news, tutorials, product reviews, videos and industry influencers.

Share: