- NightSpire claims Hyatt Place Chelsea ransomware attack steals 48.5GB of data
- Stolen files can include employee credentials, enabling phishing and internal system access
- Hyatt has not confirmed the breach; the hospitality industry remains a frequent target for ransomware
The Hyatt Place Chelsea New York hotel, part of the Hyatt Hotels Corporation, appears to have suffered a ransomware attack and lost sensitive data on an (as yet) unknown number of people.
A threat actor going by NightSpire recently added the hotel to its dark web data leak site, claiming to have stolen 48.5GB of sensitive data. It also shared a sample of the stolen files and asked all parties interested in acquiring the full archive to get in contact.
Security researchers from Cybernews analyzed a sample of the stolen files and said it appears to contain invoices, expense reports with full employee names, contact information and signatures, as well as partner company data.
Awaiting Hyatt’s response
All of this is more than enough data to run very convincing phishing attacks against Hyatt employees (and other high-value individuals), and steal even more sensitive data, such as login credentials.
However, that may not even be necessary, since Cybernews also says the files “suggest the documents may contain employee credentials for their internal CMS.”
In that case, the person who obtained the data could potentially have access to the entire hotel chain’s employees, customers and business partners.
“Exploited contact information and email signatures may not look dangerous in themselves, but they give attackers exactly what they need to run convincing social engineering and fraud campaigns,” the researchers warned.
“If employee credentials are found to be compromised, the risk goes beyond fraud. Stolen logins can be exploited to access internal tools, read sensitive communications or move laterally across Hyatt’s network.”
So far, these claims have yet to be confirmed. Hyatt has yet to make an official statement or share anything on its newsroom website or social media. We have reached out and will update the article if we hear back.
The hospitality and accommodation industry is one of the most targeted sectors, so Hyatt reportedly being breached is (sadly) no surprise.
Hyatt Hotels Corporation is a global hospitality company that operates approximately 1,350+ hotels and all-inclusive properties worldwide. It employs approximately 52,000 people, generates approximately $6.6 billion in annual revenue and serves millions of guests each year through stays and its loyalty program with more than 60 million members.



