fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Nordic Choice Hotels Hit by Conti Ransomware, No Ransom Demand Yet

Nordic Choice Hotels Hit by Conti Ransomware, No Ransom Demand Yet

Nordic Choice Hotels has now confirmed a cyber attack on its systems from the Conti ransomware group.

The incident primarily impacts the hotel’s guest reservation and room key card systems.

Although there is no indication of passwords or payment information being affected, information pertaining to guest bookings was potentially leaked.

The Scandinavian hotel chain, with its brands—Comfort, Quality, and Clarion, employs over 16,000 staff members and has 200 properties across Scandinavia, Finland, and the Baltics.

Also Read: 5 Best Practices About Information Retention For Businesses

Key cards out of service

Earlier this week, Nordic Choice Hotels group announced its IT systems were hit by a “computer virus” on Thursday, December 2nd.

The incident left the hotel staff without access to the hotel’s reservation systems that manage check-in, check-out, payments, and bookings.

Although the staff switched to manual procedures to carry out business operations, the hotel advised guests that delays are to be expected.

Members are currently unable to log in to their Nordic Choice Hotels accounts to book and manage reservations, or apply reward points, although it remains possible to book stays without being logged in:

Nordic Choice Hotels systems still face technical issues
Nordic Choice Hotels systems still facing ‘technical issues’ (BleepingComputer)

A subsequent blog post by the hospitality group confirmed the scope of the incident expands to Nordic Choice Club members, in addition to the current hotel guests.

One of the hotel guests, security researcher Runa Sandvik also reported key cards being out of service:

Turns out the hotel I’m staying at is affected by ransomware and my key card doesn’t work. pic.twitter.com/F4dYa9iQ8q— Runa Sandvik (@runasand) December 5, 2021

No ransom demand yet, law enforcement engaged

Law enforcement agencies including the Norwegian Data Protection Authority and the Norwegian National Security Authority were notified of the attack by the hotel company on December 2nd—the same day as the attack.

“Our investigations do not currently give any indication that data has been leaked, but we can’t guarantee that is the case. Therefore, the incident entails a risk that information about the guests’ bookings may be lost,” explains the company in a release.

Also Read: Employment Application Template: What Information Required

“This information consists of name, email address, telephone number, date of the visit and any information the guest may have provided in connection with their visit. There is no indication that card or payment information has been leaked.”

Although the hospitality group cannot be sure of any data leak just yet, the decision to be transparent and inform its members of the incident is an effort to keep them alerted against any suspicious communications—texts, messages, phone calls, or emails, that may be directed at them.

At this time, the hotel group has “chosen not to contact” the threat actors behind the attack, nor have they received a ransom demand from the Conti ransomware group.

BleepingComputer also did not come across the hotel group’s name on Conti’s data leak pages, indicating the ransomware attack is in early stages and negotiations may not have begun yet.

Conti ransomware is a private Ransomware-as-a-Service (RaaS) operation believed to be controlled by a Russian-based cybercrime group known as Wizard Spider.

Conti shares some of its code with the notorious Ryuk Ransomware, whose TrickBot distribution channels they started using after Ryuk activity decreased around July 2020.

This ransomware gang has previously targeted over a dozen healthcare and first responder organizations, and police department systems.

Earlier this year, Conti breached networks of Ireland’s Health Service Executive (HSE) and Department of Health (DoH), asking the former to pay a $20 million ransom after successfully encrypting its systems.

“Over the weekend, we have managed to put in place replacement solutions at most of our hotels. The work is now in full swing to get everyone back into normal operation, something we think will be done within the next few days,” says Bjørn Arild Wisth, Deputy CEO at Nordic Choice Hotels.

During the next few days, as the company works with law enforcement to remediate the cyber attack, some hotel properties may continue to experience delays with regards to check-in, check-out, and reservation processes.

“Our customer center currently has limited opportunity to change and add bookings, but is in place to be able to answer any questions. In that case, we recommend that you send us an email at [email protected] or use our website for further information,” advises Nordic Choice Hotels.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us