The hotel chain H-Hotels has fallen victim to a cyber attack. As a result, the hotel chain's internal and external communication is currently only available to a limited extent. However, bookings and hotel operations of the group should continue to be possible. So far, the company assumes that no customer data has been leaked in this attack, which took place over the weekend.
According to a
statement from the hotel chain, the cyber attack on the IT network took place as early as Sunday, December 11, 2022. It is important to qualify that the cyberattack was detected by the hotel company's IT security systems on Sunday (the attackers could have been dabbling in the IT system weeks before).
After noticing a cyberattack, employees immediately shut down the hotel chain's IT systems and disconnected them from the Internet to ward off further spread. H-Hotels.com immediately informed the relevant investigative authorities and filed a criminal complaint. In close coordination with the investigating authorities, IT forensic experts are currently investigating all affected IT systems.
These analyses will take several days. Afterwards, all systems will be cleaned up and all data will be conclusively checked in order to be able to rule out a continuation of the cyber attack or a renewed cyber attack. In its announcement, the hotel states that cyber criminals succeeded in breaking through the extensive technical and organizational IT protection systems. What exactly these measures were, however, remains in the dark – but may simply be one of the usual platitudes.
So far, the IT forensic experts have no indication that relevant or personal data was stolen as a result of the cyber attack. Further investigations will be carried out in the coming days in coordination with the investigating authorities and the responsible data protection authority. If, in the course of these investigations, an outflow of personal data is identified, H-Hotels.com will inform the affected persons. I read between the lines that it could probably be a ransomware infection, so one can assume a data outflow – but we will then find out in the coming days.
The ongoing hotel operations in the individual hotels of the group are ensured and bookings are accepted in the hotels as usual. Inquiries by e-mail can currently not be answered or not answered promptly. Customers are advised to contact the desired or already booked hotel by phone in case of a contact request.
