Nordic Choice Hotels has disclosed a virus attack that occurred on Dec. 2, 2021. The attack affected the hotel chain's IT systems used to handle reservations, check-in, check-out and creation of new room keys, according to a prepared statement.
There is no indication that data was leaked during the attack, Nordic Choice indicated. However, there is a risk that information about guest reservations and stays at Nordic Choice hotels may have been compromised.
The hotel company did not disclose whether it has hired third-party incident response, cyber forensics or MSSP partners to assist the investigation or recovery.
How Has Nordic Choice Responded to the Cyberattack?
Nordic Choice has reported the cyberattack to police and notified the Norwegian Data Protection Authority and National Security Authority, the hotel chain indicated. It is reestablishing IT systems impacted by the cyberattack and taking measures to prevent similar attacks from happening.
In addition, Nordic Choice is urging hotel guests to keep an eye out for suspicious text messages, phone calls and emails. Nordic Choice also is encouraging guests who suspect online fraud or ID theft to notify the police.
Nordic Choice is one of the largest hotel chains in the Nordics. It manages over 190 hotels across the region, including Clarion, Quality and Comfort hotels.
Key Takeaways from the Nordic Choice Cyberattack
Cybercriminals have used viruses and other attack vectors to access the IT systems of Nordic Choice, Choice Hotels, Marriott Starwood and other globally recognized hotel brands. They continue to explore ways to attack organizations of all sizes and across all industries, and MSSPs must plan accordingly.