Hotel Pays Hackers After Guests Got Locked Out of Their Rooms

A top European hotel had to pay hackers in order to regain control over its electronic key system.

According to The Local, hotel managers of Romantik Seehotel Jaegerwirt, a 4-star hotel in Austria, decided to reveal the ordeal they went through, knowing that other hotels have been going through the same thing. Set up with a modern IT system, including key cards for hotel doors, something that’s widespread in the hotel industry, the hotel thought it offered guests everything they wanted. Until hackers hit.

They explain that in the past few months, they’ve been hit by hackers who managed to break into the hotel’s electronic key system, locking hundreds of guests out of their rooms. The last attack took place on the first day of the winter season when they were completely booked, which left 180 people unable to enter their rooms.

This was the third time this had happened. The first time an attack happened was during the summer season. The hotel had to pay a ransom then too before the hackers released control over the system. It seems, however, that the first time this happened, hackers left a backdoor in the system which they used again for later attacks.

It cost the hotel thousands of Euros to fix, money they did not get back from the insurance company since the hackers can’t be found.

The last successful attack, the one that took place in the opening weekend for the winter season, a time when mountain hotels are notoriously booked, made managers pay a ransom of €1,500, or roughly $1,600. With so many guests to think about, they chose to give in to hackers yet again, which left the police unable to help.

Following each paid ransom, the key registry system was unlocked, along with all the other computers, putting everything back together.

Thankfully, after being hit three times, the hotel finally changed things in order to reject the attack. The computers had been replaced, the latest security standards integrated, while some networks had been decoupled. The backdoor was no more.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Glove Stealer Emerges A New Malware Threat For Browsers

ANY.RUN Discovers Tricky Phishing Attack Using Fake CAPTCHA