One of Oregon’s most prominent luxury destinations has been victimized by an unusual cyberattack, with hackers posting employee information and a ledger of guests online in an apparent attempt to squeeze the hotel and compel it to pay a ransom.
“It’s not a new strategy. It’s just the way they are implementing it that is new … by putting it on the public internet in an easily searchable form,” said Brett Callow, a threat analyst for New Zealand cybersecurity firm Emsisoft. “As far as I’m aware this hasn’t been done before.”
Hackers apparently breached The Allison Inn & Spa in Newberg, demanding that the property negotiate to keep employee and guest records confidential. The cybercriminals claim to have information on 1,500 employees and former employees and 2,500 reservation records from 2022.