Payment card details accessed in Motel One hack

Low-budget hotel chain Motel One has been the victim of a ransomware attack that exposed customers’ payment card details. 

News of the ransomware attack and subsequent data breach was made public on September 30, after Motel One made a post regarding it on its X page, saying: “Motel One has become the target of a hacker attack. Address data of customers was accessed, including 150 credit card details.” 

The hotel chain went on to say that those impacted by the data breach had been made aware, as had IT security, investigation and data protection authorities. The company also noted that its business operations were never at risk during the attack. 

While Motel One said via a press release that the malicious actors who launched the attack were “currently unknown”, responsibility for the data breach was claimed by ransomware gang ALPHV (also known as BlackCat).  

In a post made to its dark web data leaks site, the ransomware gang claimed that it had stolen 5.5 terabytes of data, including nearly 24.5 million files. 

According to ALPHV, the data stolen “include[s] PDF & RTF booking confirmations for the past 3 years containing names, addresses, dates of reservation, payment method, and contact information. Additionally, there is a significant amount of your customers' credit card data and internal company documents, which undoubtedly hold sensitive information.”

The ransomware gang went on to accuse Motel One’s management of “delaying and making excuses”, giving them five days to contact them regarding a ransom or “a catastrophe” will befall the hotel chain. This “catastrophe” is likely to be ALPHV leaking the stolen data, which they say “pose[s] significant reputational and legal risks”. 

Motel One has not yet publicly addressed ALPHV’s claims.