Cyberattack targets the systems of Omni Hotels, stealing reservations, money, and door locks

Home » Cyberattack targets the systems of Omni Hotels, stealing reservations, money, and door locks
Cyberattack targets the systems of Omni Hotels

Omni Hotels & Resorts reported that a “disruption” on Friday caused its computer systems to go down. The American luxury hotel group described the incident.

Omni, which has over 50 hotels in the US and Canada, announced via social media on April 1 that it was experiencing an outage:

Dear esteemed visitors, Our technical staff is still working to bring our downed systems back online. We value your business greatly and sincerely regret any inconvenience caused. Thank you for your patience. Kindly return to this page for any updates.

The hotel chain’s owner, TRT Holdings, and Omni were unable to respond to The Register’s precise questions on the IT failure, such as whether a ransomware outbreak was to blame and when they expected business to resume.

As of Wednesday, the company’s phone systems were unavailable, greeting callers with a prerecorded message that reads, “We are currently experiencing technical difficulties.”

The chain-wide outage reportedly started on Friday and affected point-of-sale (POS), hotel room door locks, and reservation systems.

Fear not—the bar is still open!
Reddit users reported that the bar was still open (at least at the Washington, DC location) and that systems were broken at several sites across the nation. They also urged people to show politeness towards the hotel personnel, commending them for their grace during the anticipated challenging Easter weekend.

“We had to check in using paper since there were no card machines or even room keys that worked,” one Louisville Omni guest said. “Everyone has to be escorted to their room by an employee, and the phones and Wi-Fi are down.”

According to another visitor, it took at least thirty minutes to text the hotel service to get the door unlocked to enter your room.

One Reddit user claimed to be a “low-level” Omni employee, stating that their hotel was only accepting reservations placed before the disruption. Everybody involved in the situation agrees that it is a mess. The netizen bemoaned on the site, “This work weekend has been really difficult.

“We’re all so sorry for the trouble this has caused the visitors, as well as the anxiety that comes with not knowing if we’ll be able to make money while the server is down. Thank you to everyone who is still staying at properties; Omni will undoubtedly lose millions as a result of this attack, as well as devoted clients. I pledge that my property will exert every effort to minimize this inconvenience.”

The disruption bears a lot of similarities to the September ransomware attack at MGM Resorts, even though neither the resort chain nor its parent company have said that hackers are to blame for the downed IT systems.

According to reports, Scattered Spider, the criminal organization thought to be behind the digital breaches at Caesars Entertainment and MGM, boasted that all it required to get into MGM’s networks was a 10-minute call pretending to be a help desk.

Famously, MGM refused to pay the demanded ransom, which led to almost a week of interruptions, business disruptions, and customer ire. Subsequently, it asserted that the attack had resulted in losses exceeding $100 million, and a report emerged shortly after, revealing the exposure of its stolen data.

Amended to include at 2200 UTC
Omni has acknowledged what many had speculated: an attack on the hotel chain’s IT infrastructure is to blame for its computer problems, and we’ve been informed that services are now being restored.

The company released a statement saying, “Since Friday, March 29, Omni Hotels & Resorts has been responding to a cyberattack on its systems.”

“As soon as Omni discovered this problem, it moved to shut down its systems to safeguard and control its data. Thus, Omni took some systems offline but has now brought the majority back online.

“We continue to greet our customers and take new reservations while our team works diligently to restore the remaining systems to full performance. We sincerely regret any trouble and disturbance that this cyberattack has caused.”

We have called in a security firm to determine the actual scope of the incident and what, if any, data lost or stolen.

Facing a cyberattack can be overwhelming, but you’re not alone. Kepler Safe is here to help you navigate and overcome any cybersecurity challenges you encounter, ensuring your digital assets remain protected. Book a Demo Now!!

Mitigate cyber threats effectively with Keplersafe's expert solutions.