The cyber-ransomware group Play has claimed responsibility for a cyberattack on H-Hotels, a major hotel chain in Germany, Austria and Switzerland with a total of 9,600 rooms. The company has about 2500 employees and several sub-brands - Hyperion, H4 Hotels, H2 Hotels, H+ Hotels, H.ostels and H.omes.
According to the H-Hotels report and the initial IT investigation, the hackers were professionals who were able to break through the company's powerful cybersecurity system. After the cyberattack was discovered, the hotel's IT systems were taken offline to prevent the spread of ransomware. Due to the actions of cybercriminals, the hotel staff is unable to receive and respond to customer inquiries sent by e-mail.
H-Hotels has already contacted German law enforcement and an information security firm that will help restore the company's systems as soon as possible and strengthen protection against similar cyber attacks in the future.
According to Play, they managed to steal a huge amount of personal data of customers, including passports, ID cards and more. But the attackers did not provide any documents confirming their words.
What's more, H-Hotels denied the data breach in a statement made last week. The company promised to notify customers if it turns out that the hackers managed to steal any information.