Microsoft offers 50% subscription discounts to Office pirates
Russian hacking group uses new stealthy Ceeloader malware
France warns of Nobelium cyberspies attacking French orgs
Microsoft seizes sites used by APT15 Chinese state hackers
Twitter bots monitor every tweet to push cryptocurrency scams
Nordic Choice Hotels hit by Conti ransomware, no ransom demand yet
Microsoft seizes sites used by APT15 Chinese state hackers
Eurostar tests facial recognition system on London train station
Qualys BrowserCheck
Junkware Removal Tool
How to remove the PBlock+ adware browser extension
Remove the Search Redirect
Remove the Search Redirect
Remove the Search Redirect
Remove Security Tool and SecurityTool (Uninstall Guide)
How to remove Antivirus 2009 (Uninstall Instructions)
How to Remove WinFixer / Virtumonde / Msevents / Trojan.vundo
How to remove Google Redirects or the TDSS, TDL3, or Alureon rootkit using TDSSKiller
Locky Ransomware Information, Help Guide, and FAQ
CryptoLocker Ransomware Information Guide and FAQ
CryptorBit and HowDecrypt Information Guide and FAQ
CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ
How to make the Start menu full screen in Windows 10
How to install the Microsoft Visual C++ 2015 Runtime
How to open an elevated PowerShell Admin prompt in Windows 10
How to Translate a Web Page in Google Chrome
How to start Windows in Safe Mode
How to remove a Trojan, Virus, Worm, or other Malware
How to show hidden files in Windows 7
How to see hidden files in Windows
IT Certification Courses
Gear + Gadgets
nordic choice hotels
Nordic Choice Hotels has now confirmed a cyber attack on its systems from the Conti ransomware group.
The incident primarily impacts the hotel’s guest reservation and room key card systems.
Although there is no indication of passwords or payment information being affected, information pertaining to guest bookings was potentially leaked.
The Scandinavian hotel chain, with its brands—Comfort, Quality, and Clarion, employs over 16,000 staff members and has 200 properties across Scandinavia, Finland, and the Baltics.
Earlier this week, Nordic Choice Hotels group announced its IT systems were hit by a “computer virus” on Thursday, December 2nd.
The incident left the hotel staff without access to the hotel’s reservation systems that manage check-in, check-out, payments, and bookings.
Although the staff switched to manual procedures to carry out business operations, the hotel advised guests that delays are to be expected.
Members are currently unable to log in to their Nordic Choice Hotels accounts to book and manage reservations, or apply reward points, although it remains possible to book stays without being logged in:
A subsequent blog post by the hospitality group confirmed the scope of the incident expands to Nordic Choice Club members, in addition to the current hotel guests.
One of the hotel guests, security researcher Runa Sandvik also reported key cards being out of service:
Turns out the hotel I’m staying at is affected by ransomware and my key card doesn’t work.
Law enforcement agencies including the Norwegian Data Protection Authority and the Norwegian National Security Authority were notified of the attack by the hotel company on December 2nd—the same day as the attack.
“Our investigations do not currently give any indication that data has been leaked, but we can’t guarantee that is the case. Therefore, the incident entails a risk that information about the guests’ bookings may be lost,” explains the company in a release.
“This information consists of name, email address, telephone number, date of the visit and any information the guest may have provided in connection with their visit. There is no indication that card or payment information has been leaked.”
Although the hospitality group cannot be sure of any data leak just yet, the decision to be transparent and inform its members of the incident is an effort to keep them alerted against any suspicious communications—texts, messages, phone calls, or emails, that may be directed at them.
At this time, the hotel group has “chosen not to contact” the threat actors behind the attack, nor have they received a ransom demand from the Conti ransomware group.
BleepingComputer also did not come across the hotel group’s name on Conti’s data leak pages, indicating the ransomware attack is in early stages and negotiations may not have begun yet.
Conti ransomware is a private Ransomware-as-a-Service (RaaS) operation believed to be controlled by a Russian-based cybercrime group known as Wizard Spider.
Conti shares some of its code with the notorious Ryuk Ransomware, whose TrickBot distribution channels they started using after Ryuk activity decreased around July 2020.
This ransomware gang has previously targeted over a dozen healthcare and first responder organizations, and police department systems.
Earlier this year, Conti breached networks of Ireland’s Health Service Executive (HSE) and Department of Health (DoH), asking the former to pay a $20 million ransom after successfully encrypting its systems.
“Over the weekend, we have managed to put in place replacement solutions at most of our hotels. The work is now in full swing to get everyone back into normal operation, something we think will be done within the next few days,” says Bjørn Arild Wisth, Deputy CEO at Nordic Choice Hotels.
During the next few days, as the company works with law enforcement to remediate the cyber attack, some hotel properties may continue to experience delays with regards to check-in, check-out, and reservation processes.
“Our customer center currently has limited opportunity to change and add bookings, but is in place to be able to answer any questions. In that case, we recommend that you send us an email at or use our website for further information,” advises Nordic Choice Hotels.
Emotet botnet comeback orchestrated by Conti ransomware gang
US Senate Passes Bill in Response to Rampant Ransomware, CyberAttacks
TrickBot teams up with Shatak phishers for Conti ransomware attacks
FIN12 hits healthcare with quick and focused ransomware attacks
Hundreds of SPAR stores shut down, switch to cash after cyberattack
I saw a recommendation about this Hacker4wise, from a comment section and he offers any hacking services. He's the greatest I've seen so far, you can get in touch with him through WhatsApp him on +1 (305) 902‑6599 or Digitaltechhacker @ gmail com assistance, he's very good.
Not a member yet? Register Now
Convincing Microsoft phishing uses fake Office 365 spam alerts
Malicious Excel XLL add-ins push RedLine password-stealing malware
To receive periodic updates and news from BleepingComputer, please use the form below.
Terms of Use Privacy PolicyEthics Statement
Copyright @ 2003 – 2021 Bleeping Computer® LLC – All Rights Reserved
Not a member yet? Register Now
Read our posting guidelinese to learn what content is prohibited.


You May Also Like

Utah medical center hit by data breach affecting 582k patients

US indicts Iranian hackers for Proud Boys voter intimidation emailsWinamp prepares a…

Russian ransomware gangs start collaborating with Chinese hackers

US, UK warn of Iranian hackers exploiting Microsoft Exchange, FortinetRussian ransomware gangs…

Smartwatches for children are a privacy and security nightmare

FBI seized $2.3M from affiliate of REvil, Gandcrab ransomware gangsEwDoor botnet targets…

The Week in Ransomware – December 17th 2021 – Enter Log4j

TellYouThePass ransomware revived in Linux, Windows Log4j attacksCredit card info of 1.8…