- NightSpire claims Hyatt Place Chelsea ransomware attack, stealing 48.5 GB of data
- Stolen files may include employee credentials, enabling phishing and internal system access
- Hyatt has not confirmed breach; hospitality industry remains frequent ransomware target
The Hyatt Place Chelsea in New York has reportedly fallen victim to a ransomware attack, resulting in the theft of sensitive data affecting an unspecified number of individuals.
The group known as NightSpire has added the hotel to its dark web data leak site, asserting that it has stolen 48.5 GB of sensitive information. They have also provided a sample of the stolen files and invited interested parties to inquire about purchasing the complete archive.
Security experts from Cybernews examined a sample of the stolen data, which reportedly includes invoices, expense reports containing full employee names, contact details, signatures, and information from partner companies.
Awaiting Hyatt's Response
This data could facilitate highly convincing phishing attacks targeting Hyatt employees and other high-value individuals, potentially leading to further data breaches, such as the theft of login credentials.
Moreover, Cybernews indicates that the files may contain employee credentials for Hyatt's internal content management system (CMS), which could grant unauthorized access to the entire hotel chain's employee, client, and business partner information.
“While exposed contact details and email signatures may seem harmless, they provide attackers with the necessary tools to execute effective social engineering and fraud schemes,” the researchers cautioned.
“If employee credentials are compromised, the implications extend beyond scams, as stolen logins could be used to access internal systems, read sensitive communications, or navigate through Hyatt’s network.”
As of now, these claims remain unverified. Hyatt has not released an official statement or provided updates on its newsroom website or social media. We have reached out for comment and will update this article if we receive a response.
The hospitality sector is frequently targeted by cybercriminals, making Hyatt's alleged breach an unfortunate but not unexpected occurrence.
Hyatt Hotels Corporation operates over 1,350 hotels and all-inclusive properties globally, employing approximately 52,000 people and generating around $6.6 billion in annual revenue while serving millions of guests through its loyalty program with over 60 million members.