Ransomware

Motel One Discloses Ransomware Attack Impacting Customer Data

Motel One says customer addresses and credit card information were compromised in a recent ransomware attack.

October 3, 2023

Budget hotel chain Motel One Group on Monday confirmed that some customer information and credit card data was stolen in a recent ransomware attack.

The hackers gained access to the hotel operator’s internal systems and attempted to deploy file-encrypting ransomware, but were only partially successful, the company claims.

“Thanks to extensive measures, the impact was kept to a relative minimum. The business operation of one of Europe’s largest hotel groups was never at risk,” Motel One Group says in its incident notification.

The company says it immediately engaged a certified IT security service provider and alerted the relevant authorities to start investigating the incident.

According to the hotel chain’s initial assessment, the attackers accessed information related to customers’ addresses, along with “150 credit card details”.

“The affected card holders have already been informed personally,” Motel One Group says.

While the company did not name the hackers, the AlphV/Black Cat ransomware gang over the weekend claimed responsibility for the attack, adding Motel One to its leaks site.

The attackers claim to have exfiltrated roughly 6TB of data from the company, including booking details for the past three years, customer contact information, and credit card data, along with internal Motel One documents.

Advertisement. Scroll to continue reading.

The ransomware gang has threatened to release the stolen data unless Motel One engages in negotiations and pays a ransom.

Headquartered in Munich, Germany, Motel One Group operates 90 hotels in 13 countries, including Austria, Belgium, Czech Republic, Denmark, France, Germany, Ireland, Netherlands, Poland, Spain, Switzerland, UK, and US.

SecurityWeek has emailed Motel One for an official statement on the AlphV/Black Cat ransomware gang’s claims and for additional information on the attack and will update this article as soon as a reply arrives.

Written By Ionut Arghire

Ionut Arghire is an international correspondent for SecurityWeek.

Latest News

Click to comment

CIEM Chat: How to Reduce Cloud Identity Risk

March 26, 2024

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Virtual Event: Ransomware Resilience & Recovery Summit

April 17, 2024

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Navigating Vendor Speak: A Security Practitioner’s Guide to Seeing Through the Jargon

As a security industry, we need to focus our energies on those professionals among us who know how to walk the walk. (Joshua Goldfarb)

SD-WAN: Don’t Build a Dead End, Prepare for Future-Proof Secure Networking

SD-WAN must be scalable, stable, secure, and fully operational to serve as a strong base for seamless modernization and progression to SASE. (Etay Maor)

You Against the World: The Offenders Dilemma

Foreign attackers have many more toolsets at their disposal, so we need to make sure we’re selective about our modeling, preparation and how we assess and fortify ourselves. (Tom Eston)

Why Intelligence Sharing Is Vital to Building a Robust Collective Cyber Defense Program

With automated, detailed, contextualized threat intelligence, organizations can better anticipate malicious activity and utilize intelligence to speed detection around proven attacks. (Marc Solomon)

Know Your Audience When Speaking to Security Practitioners

How can security practitioners make sense of the vendor landscape and separate those who talk a good game from those who can execute, perform, and solve real problems for enterprises? (Joshua Goldfarb)

Cybercrime

Cyber Insights 2023 | Ransomware

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Kevin TownsendFebruary 2, 2023

Ransomware

SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint

A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.

Kevin TownsendJune 9, 2023

Cybercrime

Dish Network Says Outage Caused by Ransomware Attack

Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.

Eduard KovacsMarch 1, 2023

Data Breaches

Sony Confirms Data Stolen in Two Recent Hacker Attacks

Sony shares information on the impact of two recent unrelated hacker attacks carried out by known ransomware groups.

Eduard KovacsOctober 5, 2023

Ransomware

GoAnywhere Zero-Day Attack Hits Major Orgs

Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.

Ionut ArghireMarch 27, 2023

Data Breaches

Yum Brands Discloses Data Breach Following Ransomware Attack

KFC and Taco Bell parent company Yum Brands says personal information was compromised in a January 2023 ransomware attack.

Ionut ArghireApril 11, 2023

Ransomware

Ransomware Group Files SEC Complaint Over Victim’s Failure to Disclose Data Breach

Alphv/BlackCat ransomware group files SEC complaint against MeridianLink over its failure to disclose an alleged data breach caused by the hackers.

Eduard KovacsNovember 16, 2023

Ransomware

Johnson Controls Hit by Ransomware

Johnson Controls has confirmed being hit by a disruptive cyberattack, with a ransomware group claiming to have stolen 27Tb of information from the company.

Eduard KovacsSeptember 29, 2023

SECURITYWEEK NETWORK:

ICS:

SecurityWeek

Ransomware

Motel One Discloses Ransomware Attack Impacting Customer Data

More from Ionut Arghire

Latest News

Trending

CIEM Chat: How to Reduce Cloud Identity Risk

Virtual Event: Ransomware Resilience & Recovery Summit

People on the Move

Expert Insights

Navigating Vendor Speak: A Security Practitioner’s Guide to Seeing Through the Jargon

SD-WAN: Don’t Build a Dead End, Prepare for Future-Proof Secure Networking

You Against the World: The Offenders Dilemma

Why Intelligence Sharing Is Vital to Building a Robust Collective Cyber Defense Program

Know Your Audience When Speaking to Security Practitioners

Related Content

Cybercrime

Cyber Insights 2023 | Ransomware

Ransomware

SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint

Cybercrime

Dish Network Says Outage Caused by Ransomware Attack

Data Breaches

Sony Confirms Data Stolen in Two Recent Hacker Attacks

Ransomware

GoAnywhere Zero-Day Attack Hits Major Orgs

Data Breaches

Yum Brands Discloses Data Breach Following Ransomware Attack

Ransomware

Ransomware Group Files SEC Complaint Over Victim’s Failure to Disclose Data Breach

Ransomware

Johnson Controls Hit by Ransomware

SECURITYWEEK NETWORK:

ICS:

More from Ionut Arghire

Latest News

Trending

Daily Briefing Newsletter

CIEM Chat: How to Reduce Cloud Identity Risk

Virtual Event: Ransomware Resilience & Recovery Summit

People on the Move

Expert Insights

Navigating Vendor Speak: A Security Practitioner’s Guide to Seeing Through the Jargon

SD-WAN: Don’t Build a Dead End, Prepare for Future-Proof Secure Networking

You Against the World: The Offenders Dilemma

Why Intelligence Sharing Is Vital to Building a Robust Collective Cyber Defense Program

Know Your Audience When Speaking to Security Practitioners

Related Content

Cybercrime

Cyber Insights 2023 | Ransomware

Ransomware

SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint

Cybercrime

Dish Network Says Outage Caused by Ransomware Attack

Data Breaches

Sony Confirms Data Stolen in Two Recent Hacker Attacks

Ransomware

GoAnywhere Zero-Day Attack Hits Major Orgs

Data Breaches

Yum Brands Discloses Data Breach Following Ransomware Attack

Ransomware

Ransomware Group Files SEC Complaint Over Victim’s Failure to Disclose Data Breach

Ransomware

Johnson Controls Hit by Ransomware