Daixin Ransomware Gang Claims Data Breach at Omni Hotels & Resorts

The Daixin ransomware gang has claimed responsibility for infiltrating the systems of Omni Hotels & Resorts, alleging to have stolen sensitive data spanning from 2017 to 2024, including comprehensive visitor records.

On March 29, 2024, Omni Hotels & Resorts experienced a significant IT outage that was later confirmed as a cyberattack, prompting the hotel chain to shut down its systems to contain the breach. Upon discovering the breach, Omni Hotels collaborated with leading cybersecurity experts to mitigate the damage and investigate the incident's origins.

The shutdown affected various services, including reservation systems and point-of-sale operations. Despite efforts to restore services, with systems coming back online by April 9, 2024, the breach's full scope was not disclosed until the Daixin group's recent claim.

The ransomware group, known for its disruptive attacks on large corporations, states that they possess extensive guest data, including personal details spanning seven years. Their public disclosure aims to pressure Omni to meet their undisclosed ransom demands to prevent the release of this sensitive information. However, no samples of data have been leaked on the threat group's extortion portal yet.

Omni Hotels & Resorts, with a longstanding history dating back to 1958 and a portfolio of 50 properties across North America, has emphasized that restoring and securing their systems remains their top priority. The company reassures its guests and stakeholders of ongoing efforts to safeguard data and prevent future incidents.

The data breach potentially affects millions of guests who have stayed at Omni properties over the years. With the stolen data purportedly including detailed visitor records, the implications for privacy and security are significant. Guests might face risks related to identity theft and fraud if the data were to be leaked or misused.

For guests concerned about their data, it is advisable to monitor their financial accounts for unusual activity and consider placing fraud alerts with credit agencies. At this time, Omni Hotels has not confirmed the validity of Daixin's claims, and since no records have been leaked online, there can be no validation of whether the data is real or not. Despite that, and out of an abundance of caution, Omni customers are advised to remain vigilant.