- NightSpire claims ransomware attack at Hyatt Place Chelsea, stealing 48.5GB of data
- Stolen files may include employee credentials, allowing phishing and internal system access
- Hyatt has not confirmed the breach; the hospitality industry remains a frequent target of ransomware
The Hyatt Place Chelsea New York hotel, part of Hyatt Hotels Corporation, appears to have suffered a ransomware attack and lost sensitive data on an (as yet) unknown number of people.
A malicious actor called NightSpire recently added the hotel to its Dark Web data leak website, claiming to have stolen 48.5 GB of sensitive data. They also shared a sample of the stolen files and asked any parties interested in acquiring the full archive to contact them.
Security researchers from Cybernews analyzed a sample of the stolen files and said it appears to contain invoices, expense reports with employees’ full names, contact details, signatures, as well as partner company data.
Waiting for response from Hyatt
All of this is more than enough data to launch very convincing phishing attacks against Hyatt employees (and other high-value individuals), stealing even more sensitive data, such as login credentials.
But this may not even be necessary, since Cybernews also states that the files “suggest that the documents may include employee credentials in their internal CMS.”
In this case, anyone who obtained the data could potentially have access to all of the hotel chain’s employees, customers and business partners.
“Exposed contact details and electronic signatures may not seem dangerous on their own, but they give attackers exactly what they need to carry out convincing social engineering and fraud campaigns,” the researchers warn.
“If employee credentials are found to be compromised, the risk extends beyond scams. Stolen logins can be exploited to access internal tools, read sensitive communications, or move laterally across Hyatt’s network.”
So far, these claims have not been confirmed. Hyatt has not yet made an official statement or shared anything on its editorial website or social media channels. We have reached out and will update the article if we receive a response.
The hotel and lodging industry is one of the most targeted industries, so Hyatt’s alleged breach is (unfortunately) no surprise.
Hyatt Hotels Corporation is a global hospitality company operating more than 1,350 hotels and all-inclusive properties worldwide. It employs approximately 52,000 people, generates annual revenue of approximately $6.6 billion, and serves millions of guests each year through stays and its loyalty program of more than 60 million members.




