Motel One, a well-known budget hotel chain operating across various countries, has disclosed a significant data breach resulting from a ransomware attack. The attack, carried out by unidentified threat actors, led to the theft of customer data, including sensitive information from 150 credit cards.
Motel One has emphasized that its robust security measures mitigated the impact and ensured the continuity of its business operations. The company promptly initiated an investigation into the incident, involving IT experts and notifying relevant data protection authorities.
While Motel One asserts that the breach had minimal impact, the BlackCat/ALPHV ransomware gang, claiming responsibility for the attack, contradicts this statement. The cybercriminal group announced its intrusion on Motel One’s internal systems on the dark web, disclosing that they had exfiltrated a substantial volume of data, amounting to 6 terabytes, including customer booking records and credit card details. BlackCat/ALPHV has issued a ransom demand, providing Motel One with a five-day window to comply; otherwise, they threaten to release the stolen data publicly, potentially causing severe harm to the affected customers.
This incident underscores the persistent cybersecurity challenges faced by organizations, even when they have effective protective measures in place. It highlights the importance of proactively addressing ransomware threats and the critical need for robust data protection strategies to safeguard customer information from malicious actors.