Red Roof experienced a cybersecurity incident in September that briefly left its systems offline but did not involve guest data, the hotel company announced Friday.
On Sept. 23, Red Roof detected “suspicious activity” within its systems that soon appeared to be ransomware based on several factors, including the encryption of a limited subset of Red Roof data, the company said.
Upon discovery, Red Roof reported the situation to federal law enforcement and took action to protect its systems and data by taking affected systems offline and resetting passwords. As a result, the company was able to confine the breach to a “small number of systems compared to its overall infrastructure,” it said.
An investigation following the incident found that a hacker gained access to a limited number of Red Roof's systems before deploying ransomware, according to the company.
Personal data — including names, dates of birth, social security numbers, driver's license numbers, passport numbers, financial account numbers, credit and/or debit card numbers, medical information and health insurance information — was copied from Red Roof's network.
None of the stolen data has been misused for identity theft or fraud, Red Roof said.
Las Vegas resort operators MGM Resorts International and Caesars Entertainment weren’t so lucky when they experienced similar cyber incidents in September.
Both companies fell victim to separate ransomware attacks, which compromised the personal data of their customers. MGM is facing class action litigation in connection with the attack, with customers alleging the company was negligent and gained unjust enrichment for failing to protect their personal data.
Although Red Roof is not aware of the misuse of any affected individuals’ information, it’s offering free credit monitoring services to the potentially impacted individuals for 24 months.
In the wake of the attack, the company also took measures to improve the security of its information technology systems, including implementing software and hardware to prevent, detect and respond to unauthorized activity; resetting and strengthening passwords; and adopting new network access policies.
Since hotels can be particularly vulnerable to cyberattacks, cybersecurity experts suggest hoteliers take similar measures to avoid them.