The Ritz, London

Recent reports indicate that the luxury hotel brand, The Ritz, London faced a cyber attack after hackers posed as hotel employees. 

Good morning, afternoon or evening! We’re back again this Friday with another cyber attack of the week, here at CPG. Today, we are reviewing the recent attack on the Ritz London

This prominent hotel is located in the UK and provides 5-star experiences and Michelin-Starred restaurants. What could be more regal? Well, as great as staying at the hotel, a recent cyber attack may put a damper on things for guests.

 

The Attack

To begin, in a recent string of tweets, the hotel confirms that they experienced a data breach on August 12th, 2020. They believed the potential” breach may have put guest information at risk, and launched an investigation.

 

 

Further, where did the attack start? To elaborate, the evidence shows that attackers gained access through a vulnerability in the restaurant’s food and beverage registration system. The hotel failed to recognize the issue that led to an even bigger problem.

Continuing on, in a tweet, the Ritz stated that they did not believe that any credit card or other payment information fell victim to the attack. But, the attackers were smart, and wasted no time in scheming up a larger plan.

 

Puttin’ on the Ritz Social Engineering Campaign

Now, even though the hotel claimed that the payment information did not become exposed, other leaked data is what became a part of the bigger plan. 

The attackers used any leaked information to contact guests and perform various types of social engineering plots. 

One of the attack methods turned out to be the attackers spoofing the hotel number and employee status to contact guests directly. Further, they used tactics like confirming trip details, verifying payment information and more. 

Then, they scammers used any and all information learned in the attack to make purchases on the guests’ account. Some were lucky enough to notice the fraudulent charges and handle the issue. 

 

 

While this issue is still under investigation by the hotel, it is unclear how many guests are still at risk. In another tweet, the Ritz stated they are contacting clients and working with investigators to ensure this never happens again. 

 

By Taylor Ritchey