Nordic Choice Hotels Confirm Ransomware Attack

Nordic Choice Hotels has confirmed a ransomware attack affecting its guest reservation and key card systems. The announcement comes a week after the Scandinavian hotel chain said a virus infected its IT systems, leaving staff unable to manage reservations, check-in, check-out, payments and bookings.

The system failure forced staff to turn to manual operations to ensure guests reservations.

“Early morning on Thursday 2 December our IT systems were hit by a computer virus,” Nordic Choice Hotels said. “The virus primarily affects systems for booking, check-in, check-out, and payment solutions. We have established manual systems for use in hotels to ensure our guests are still taken care of, however, you may unfortunately experience a bit of a delay.”

In a statement Dec. 6, the company disclosed that the “computer virus” is the work of the Conti ransomware group but they had not received any ransom demands yet.

The company also mentioned that it decided not to contact the threat actors behind the attack. Instead, Nordic Choice Hotels informed local law enforcement agencies, including the Norwegian Data Protection Authority and the Norwegian National Security Authority on the day of the attack.

The investigation is ongoing, and company officials are attempting to determine the extent of the breach.

“Our investigations do not currently give any indication that data has been leaked, but we can't guarantee that is the case,” the company explained. “Therefore, the incident entails a risk that information about the guests’ bookings may be lost. This information consists of name, email address, telephone number, date of the visit and any information the guest may have provided in connection with their visit.”

On a more positive note, Nordic Choice hotels said there is currently no indication that credit card or payment information was exfiltrated.

Customer and hotel members are advised to watch out for phishing attempts via text messages, phone calls or emails.

Guests are still able to book rooms using the official website or app in logged-out mode, and the hotel has assured that members will receive any bonus points they are entitled to once systems are reinstated.

To paint a picture of your digital identity and find out what key pieces have been exposed in data breaches and leaks over the years, check Bitdefender's Digital Identity Protection tool now. The service helps you take measures to control, manage and protect your digital self with real-time notifications that alert you when your data ends up in legal or illegal data collections on the internet. You also get expert recommendations to fix any privacy issue detected so you can stay a step ahead of malicious activity and protect your financial wellbeing.