A popular Scandinavian hotel chain Nordic Choice Hotels was hit by a ransomware attack last week that may have led to the theft of personal information related to bookings.
According to Nordic Choice’s press release, the attack, which took place on December 2, impacted “the hotel systems that handle reservations, check-in, check-out and creation of new room keys.”
“Our investigations do not currently give any indication that data has been leaked, but we can’t guarantee that is the case. Therefore, the incident entails a risk that information about the guests' bookings may be lost. This information consists of name, email address, telephone number, date of the visit and any information the guest may have provided in connection with their visit. There is no indication that card or payment information has been leaked,” according to the statement.
As a result of the attack, hotel staff were unable to access the hotel’s reservation systems to manage check-in, check-out, payments and bookings. Staff have had to switch to manual operations to continue business operations, although guests have been advised to expect delays.
According to one customer, hotel staff have had to personally escort guests to their rooms because key cards did not work.
Nordic Choice revealed it had been hit by a Conti ransomware attack, but had chosen not to contact the hackers. The company also said it did not receive a specific demand from the attackers.
“The matter has been reported, and we will assist the police in the investigation with all available information,” Nordic Choice said.