After a hacker attack on the “Motel One” hotel chain, millions of names and travel details of guests can be found online, according to a media report. According to the company, six terabytes were stolen – including credit card data.
Hackers stole data containing private information from guests on a large scale from the “Motel One” hotel chain and published it on the dark web. “According to preliminary findings, the stolen data amounting to six terabytes relates in particular to address and billing data of customers and only very occasionally credit card information of our hotel guests,” said a spokeswoman for the company when asked by the dpa news agency.
The “Süddeutsche Zeitung” had previously reported that the data had already been published on the darknet on Wednesday. The Darknet or Darkweb is a hidden network, i.e. closed websites that can only be found via a specific browser.
According to “SZ”, the data contained almost complete lists of overnight stays for the past few years since 2016. Private billing addresses, dates of birth of customers, internal business figures and some cell phone numbers of employees can also be found online, according to the report. Millions of people are affected by the data leak. The hacker group ALPHV claimed responsibility for the attack, which was supposedly intended to extort money.
Apparently 150 Credit card details affected
“Motel One” had already reported on the hacker attack on September 30th on the X platform, formerly Twitter. However, according to information from the “Süddeutsche Zeitung”, the hotel chain had already found out about the attack three weeks beforehand.
According to its own information, the Munich-based company filed a criminal complaint and also informed the data protection authorities. It was also ensured that no further personal data could be obtained. 150 credit card details were intercepted and affected credit card holders were personally informed.
“Motel One” referred to comprehensive, standard security standards. The fact that the hacker attack was nevertheless successful shows the group’s high criminal energy. Guests do not have to worry about their safety, said a spokeswoman. We work closely with experienced experts in information and IT security and the responsible authorities.
“Emergency lists” with customer data on the dark web
According to the “Süddeutsche Zeitung”, so-called emergency lists were also affected by the data leak. They contained the names of the guests, the date of their check-in and the room numbers, said Motel One. With this information, guests could, for example, check in even in the event of system malfunctions. When asked by “SZ”, the hotel chain did not explain why this information had apparently been stored for years.
The founder and co-owner of “Motel One”, Dieter Müller, appealed to the federal government: “I think that, in addition to the companies themselves, the state is called upon to regain sovereignty and significantly upgrade cyber defense.” Müller may have been a victim of the data theft himself. “Since Dieter Müller likes to stay at ‘Motel One’, this may be true,” the company’s spokeswoman told the dpa news agency.
According to its own information, “Motel One” currently operates 90 hotels in 13 countries in Europe and the USA. After heavy losses during the Corona pandemic despite government Corona aid, things looked up again in 2022. After a net loss of more than seven million euros in 2021, the group ended up back in the black last year with a profit of 78 million euros and almost halved the debt level from 197 to 99 million euros.