Case Study 1

Daixin Ransomware Attack on Omni Hotels (2024)


  • Omni Hotels & Resorts, a luxury hotel chain, experienced a ransomware attack by the Daixin Team in March 2024. This attack disrupted the company’s IT systems, affecting reservations, hotel room locks, and point-of-sale (POS) systems.

The Breach

  • Attack Method: The Daixin Team gained access to Omni’s network by exploiting vulnerabilities in VPN servers or using compromised VPN credentials with disabled multi-factor authentication (MFA).
  • Data Compromise: The attackers claimed to have stolen sensitive information, including personal details of over 3.5 million visitors since 2017.

Impact

  • Operational Disruption: The attack caused a nationwide IT outage at Omni Hotels, disrupting guest services.
  • Data Exposure: The attackers threatened to release sensitive customer information unless a ransom was paid.

Response

  • Immediate Actions: Omni shut down its systems to contain the breach and initiated an investigation with a cybersecurity response team.
  • Restoration: The company began manually restoring encrypted servers from backups.

Lessons Learned

  1. Regular Software Updates: Keeping systems updated to prevent exploitation of known vulnerabilities.
  2. MFA Implementation: Ensuring MFA is enabled to protect against unauthorized access.
  3. Incident Response Plans: Having a robust plan to quickly address and mitigate cyberattacks.

Conclusion

The Daixin ransomware attack on Omni Hotels highlights the critical need for strong cybersecurity practices to protect sensitive data and maintain operational integrity.

Website: https://www.omnihotels.com/

For more details, see the following sources:

https://www.bleepingcomputer.com/news/security/daixin-ransomware-gang-claims-attack-on-omni-hotels/

https://databreaches.net/2024/04/14/omni-hotels-resorts-attack-in-march-now-claimed-by-daixin-team/

https://www.securityweek.com/omni-hotels-says-personal-information-stolen-in-ransomware-attack/

https://www.cisa.gov/sites/default/files/publications/aa22-294a-stopransomware-daixin-team.pdf

This post is licensed under CC BY 4.0 by the author.