Omni Hotels hack: Hackers hold millions of customers hostage

Father

Now the privacy of Omni Hotels guests depends on the generosity of management.

The Daixin Team cybercrime group has claimed responsibility for a recent attack on the Omni Hotels & Resorts chain and is threatening to release confidential customer information if the ransom is not paid.

Omni Hotels operates 50 hotels and resorts in the United States, Canada and Mexico, with more than 23,550 rooms and 28 golf courses. The hotel chain was added to the group's darknet data leak site after a massive outage paralyzed the company's IT systems, affecting booking systems, electronic room locks and payment processing systems.

On April 3, Omni Hotels confirmed that a cyberattack was the cause of the system failure. Omni Hotels has been responding to the cyberattack since Friday, March 29, the company said. Upon learning of the problem, the company promptly took measures to disable the systems in order to protect and isolate the data.

Most of the systems have now been restored, and Omni Hotels has already launched an investigation involving third-party information security specialists. Although the nature of the incident was not officially disclosed, sources said that it was a ransomware attack, during which it was necessary to manually restore servers from backups.

On April 14, the company said that the attack could affect limited information related to a certain group of customers. According to Omni Hotels, the affected data does not include confidential information (payment details, financial information, or social security numbers), but may contain the customer's name, email address, registration address, and Select Guest loyalty program information.

Although Daixin Team has already added the hotel chain to its leak site, there is no evidence yet that stolen information has been published there. However, the hackers are threatening to soon publish data allegedly stolen from Omni Hotels' servers, "including the data of all guests from 2017 to the present." Daixin Team posted screenshots showing a database dump with information about 3,539,089 hotel visitors, including names, email addresses, and check-in addresses.

[Screenshot: Omni Hotels hacking report on the group's website]

The group is already known for its ransomware attacks on the US healthcare sector with encryption of systems and theft of medical and personal information. The stolen data is then used to pressure victims for ransom.

Daixin Team gains access to target networks by exploiting known vulnerabilities in VPN servers or by using compromised VPN credentials, especially for accounts with multi-factor authentication disabled.

In 2022, the Daixin Team ransomware group successfully attacked AirAsia Group. A representative of the group said that they managed to obtain the personal data of 5 million passengers and all employees of the airline.
 