BlackCat extortionists populate Marriott hotel chain: a massive data leak is at stake

The group announced bad news for guests and employees of the largest hotel chains.

The ALPHV/BlackCat group, known for its ransomware attacks on entertainment companies Caesars Entertainment and MGM Resorts, announced a new victim: the American hotel chain LBA Hospitality. LBA's portfolio includes more than 100 hotels, including such global brands as Marriott, Hilton, Holiday Inn and Best Western. The hotels are mostly located in the southeastern United States.

ALPHV/BlackCat published information about LBA Hospitality on its leak site, presenting a small part of the files allegedly stolen from the Alabama-headquartered company. According to the group, the attackers were able to extract about 200 GB of "highly confidential" data from the main LBA servers, including customer and employee data: resumes, driver's licenses, identity cards, Social Security numbers (SSNs), financial statements, credit card information and much more.


Screenshot of the stolen data on the ALPHV/BlackCat website

On its website, the group said that LBA Hospitality has 3 days to contact the ransomware group and resolve "a mistake made by the company's IT department." If the firm does not contact the cybercriminals, then, as they promise, the data will be published. LBA Hospitality itself has not yet commented on the situation.

In addition to hotel management, LBA Hospitality provides a variety of services, including HR, finance, sales, and marketing. In addition to those listed, LBA Hospitality's current client list includes at least 15 mid-range hotel chains. Most ironically, this is the fourth Marriott data breach in the last 5 years.

Exactly who is behind the attacks on MGM Resorts and Caesars Entertainment remains unclear, but two hacking groups are definitely involved: ALPHV/BlackCat and Scattered Spider (UNC3944).

A person claiming to be a member of Scattered Spider revealed that their group was responsible for the MGM attack, but denied responsibility for the Caesars hack. In turn, the ALPHV group later also claimed responsibility for the attack on MGM, publishing a corresponding statement on its leak site.

A representative of Scattered Spider said that their group is actually a subgroup of ALPHV. Whether this information is reliable is difficult to judge, because ALPHV did not mention any child groups in its statement, which was published by an independent security researcher on GitHub.
 