The hotel chain H-Hotels has fallen victim to a ransomware attack. The extent of this is said to be greater than originally assumed. Unfortunately, highly sensitive personal data is also said to have been stolen. Even copies of ID cards are said to have been affected.
H-Hotels revises threat assessment
With over 60 hotels in Germany, Austria and Switzerland, H-Hotels is one of the best-known hotel chains in the German-speaking world. It was therefore hardly surprising that the ransomware attack on the chain, which became known in December 2022, made headlines. At the time, however, H-Hotels was still reassuring its customers by saying that no personal customer data had been stolen. Now, however, the hotel chain has to revise its statement. In the meantime, there is talk that personal data might have been stolen during the attack. However, H-Hotels is only talking about “simple” personal data such as e-mail addresses and home addresses. But as the IT researcher and employee of the security company Aware7 Moritz Gruber has now worked out, the extent could be far worse.
Copies of important identity documents stolen
Gruber has looked more closely at the stolen data set as part of his research and has come up with frightening. Thus one would like to have found identity card copies of at least 45 persons. According to Gruber, copies of other essential documents such as social security cards or health insurance cards were also affected. However, it is probably not the hotel guests who will suffer from the data leak. Instead, the stolen data probably only affects employees of the hotel chain. Since the data set with a total size of 6.59 GB probably also includes data requiring special protection according to Article 9 of the GDPR, this could now have consequences for the hotel chain. However, not only employees are affected, but also third parties such as suppliers or banks. After all, contract documents are also part of the stolen data.
- Also interesting: Continental does not want to pay a ransom to ransomware group
H-Hotels is keeping a low profile
The hotel chain itself apparently doesn’t want to know about the extent of the ransomware attack, sticking to its claim that only “lightweight” personal data was stolen. H-Hotels, on the other hand, demonstrates transparency when describing the actions of the Play ransomware group. The cybercriminals must have quickly posted the stolen data on the Darknet and offered it for sale. The chain quickly made this public. On top of that, they are in constant contact with the data protection authority responsible for the case. On request from Golem.de, however, H-Hotels still does not want to know anything about stolen copies of ID cards and other weighty identification documents. They have only informed the affected employees about the incident. We can only hope that the criminals do not cause too much damage with the stolen data.
No replies yet
Neue Antworten laden...
Gehört zum Inventar
Beteilige dich an der Diskussion in der Basic Tutorials Community →