Omni Hotels faces a data breach nightmare. Ransomware gang claims to have stolen guest information and threatens public release
The significant cyberattack on the Omni Hotels & Resorts chain, discussed in the last Threatfeed, is now attributed to the notorious Daixin ransomware group.
This attack disrupted IT systems nationwide, impacting reservations, key card access, and payment systems. Daixin claims to have stolen sensitive data and threatens to release it unless a ransom demand is met. This attack follows a US government warning about Daixin Team's focus on healthcare organizations, indicating the broadening reach of the group. Omni Hotels is scrambling to restore systems while concerns about a potential data breach rise.
The first sign of trouble emerged when Bleeping Computer, a cybersecurity news website, reported on the Daixin ransomware gang's claim of responsibility for an attack on Omni Hotels. The article stated that the gang had stolen data from the hotel chain and threatened to release it if a ransom was not paid. This news was particularly concerning as Omni Hotels had already been a victim of a data breach in the past.
Adding to the gravity of the situation, another article highlighted a warning issued by the Cybersecurity and Infrastructure Security Agency (CISA) regarding the Daixin Team's targeting of healthcare organizations. The article detailed the gang's tactics, which included encrypting systems, stealing data, and exploiting vulnerabilities in VPN servers to gain access to networks. Once inside, the gang would use RDP and SSH to move laterally within the network and escalate privileges to gain more control. Notably, the article also mentioned that ransomware groups like Daixin often steal data and threaten to leak it, mirroring the current situation with Omni Hotels.
More details confirmed that Omni Hotels had indeed been hit by a cyberattack and had been working to restore its systems since the attack began on Friday, March 29th. The attack had a widespread impact, affecting critical hotel systems such as reservations, credit card payments, and even hotel room door locks. The article highlighted the ongoing efforts by Omni Hotels to restore normalcy to its operations.
Earlier reporting covered the initial nationwide IT outage at Omni Hotels that began on Friday and its impact on various hotel systems, including reservations, credit card payments, and door locks. Interestingly, the cause of the outage was not entirely clear at that point. While some employees suspected a cyberattack, Omni Hotels had not yet confirmed it.
While the exact nature of the attack and the extent of data theft remain unclear, the series of events paints a concerning picture for Omni Hotels. The hotel chain is grappling with restoring its IT systems while facing the potential consequences of a data breach. The attack also serves as a stark reminder of the growing threat posed by ransomware gangs like Daixin, which target not only healthcare organizations but also hospitality chains like Omni Hotels.
This is a developing story, and further information may emerge in the coming days. Stay tuned for updates on how Omni Hotels navigates this challenging situation.