Connect with us

Hi, what are you looking for?



Motel One Discloses Ransomware Attack Impacting Customer Data

Motel One says customer addresses and credit card information were compromised in a recent ransomware attack.

Budget hotel chain Motel One Group on Monday confirmed that some customer information and credit card data was stolen in a recent ransomware attack.

The hackers gained access to the hotel operator’s internal systems and attempted to deploy file-encrypting ransomware, but were only partially successful, the company claims.

“Thanks to extensive measures, the impact was kept to a relative minimum. The business operation of one of Europe’s largest hotel groups was never at risk,” Motel One Group says in its incident notification.

The company says it immediately engaged a certified IT security service provider and alerted the relevant authorities to start investigating the incident.

According to the hotel chain’s initial assessment, the attackers accessed information related to customers’ addresses, along with “150 credit card details”.

“The affected card holders have already been informed personally,” Motel One Group says.

While the company did not name the hackers, the AlphV/Black Cat ransomware gang over the weekend claimed responsibility for the attack, adding Motel One to its leaks site.

The attackers claim to have exfiltrated roughly 6TB of data from the company, including booking details for the past three years, customer contact information, and credit card data, along with internal Motel One documents.

Advertisement. Scroll to continue reading.

The ransomware gang has threatened to release the stolen data unless Motel One engages in negotiations and pays a ransom.

Headquartered in Munich, Germany, Motel One Group operates 90 hotels in 13 countries, including Austria, Belgium, Czech Republic, Denmark, France, Germany, Ireland, Netherlands, Poland, Spain, Switzerland, UK, and US.

SecurityWeek has emailed Motel One for an official statement on the AlphV/Black Cat ransomware gang’s claims and for additional information on the attack and will update this article as soon as a reply arrives.

Related: Johnson Controls Ransomware Attack Could Impact DHS

Related: FBI Warns Organizations of Dual Ransomware, Wiper Attacks

Related: City of Dallas Details Ransomware Attack Impact, Costs

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


A SaaS ransomware attack against a company’s Sharepoint Online was done without using a compromised endpoint.


Several major organizations are confirming impact from the latest zero-day exploits hitting Fortra's GoAnywhere software.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

Data Breaches

KFC and Taco Bell parent company Yum Brands says personal information was compromised in a January 2023 ransomware attack.


US payments giant NCR has confirmed being targeted in a ransomware attack for which the BlackCat/Alphv group has taken credit.

Malware & Threats

Unpatched and unprotected VMware ESXi servers worldwide have been targeted in a ransomware attack exploiting a vulnerability patched in 2021.