The German Youth Hostel Association (DJH), which operates approximately 450 youth hostels, recently suffered a ransomware attack that disrupted its IT systems. The attack, claimed by the Hunters ransomware group, was identified on August 30, 2024. The disruption caused significant operational issues, including booking and invoicing failures, non-functional key card systems, and paralyzed data center operations. Hunters has reportedly stolen 29.3 GB of data, including private, financial, and customer information, and threatened to release the data if a ransom is not paid.
The ransomware group has pressured the DJH with a deadline to pay, warning that the decryption keys will be deleted if the demand is unmet. Hunters also indicated they have compromised personal data, further heightening the severity of the situation. The DJH initially refrained from confirming the nature of the attack but later acknowledged that external intrusion into its systems caused the disruption. This prompted the association to report the incident to authorities, including the State Commissioner for Data Protection and Freedom of Information.
Bettina Gayk, a spokesperson for the data protection commissioner, confirmed that DJH has reported the attack in compliance with GDPR requirements. Authorities are working with DJH to assess the impact and determine whether notifying affected individuals is necessary. In the meantime, individuals are advised to take precautions such as changing passwords, enabling two-factor authentication, and securing online accounts to mitigate potential risks from the exposed data.
While DJH has restored much of its system functionality, the stolen data has reportedly begun appearing on the dark web. The association is analyzing the leaked information, which seems to include employee data and business documents. DJH has pledged to fulfill its legal obligations in addressing the breach and has involved law enforcement and other regulatory bodies to investigate and respond to the attack.
Reference:
