RansomHouse Targets Lopesan Hotels

Attack Overview

Lopesan Hotels, a prominent player in the hospitality and tourism sector, has recently fallen victim to a cyber attack orchestrated by the ransomware group RansomHouse. The attack involved the exfiltration of approximately 650 GB of data from Lopesan's network.

Company Profile

Lopesan Hotels, headquartered in Gran Canaria, Spain, is a major entity in the hospitality industry, known for its luxurious accommodations and high-quality services. The company operates multiple hotels and resorts across various prime locations, catering to a global clientele seeking premium vacation experiences. The scale and visibility of Lopesan make it an attractive target for cybercriminals looking to exploit valuable data.

RansomHouse's Modus Operandi

RansomHouse, a group that emerged in late 2021, deviates from traditional ransomware tactics by opting not to encrypt data but rather to steal and threaten its release unless a ransom is paid. This method allows them to position themselves as 'penetration testers,' claiming to highlight security flaws. Their approach involves detailed reconnaissance to exploit vulnerabilities within the network, followed by data exfiltration and extortion.

Implications for the Hospitality Sector

The attack on Lopesan underscores a growing trend of targeted cyber attacks within the hospitality sector, which is particularly vulnerable due to the vast amounts of personal and financial data processed. The incident highlights the critical need for enhanced cybersecurity measures in an industry that thrives on trust and reputation.

Sources

• Lopesan Website
• ThreatDown: Threat Profile - RansomHouse Makes Extortion Work Without Ransomware
• Cyberint: RansomHouse Research
• SciLabs Blog: Threat Profile - RansomHouse
• Thodex: RansomHouse
• BleepingComputer: New RansomHouse Group Sets Up Extortion Market, Adds First Victims