Taj Hotels, a subsidiary of Indian Hotels Company Ltd (IHCL), recently fell victim to a cyber-attack that resulted in the compromise of personal details belonging to more than 1.5 million customers. The leaked information encompasses a range of sensitive data, including addresses, membership IDs, mobile numbers, and other Personal Identifiable Information (PII) spanning the period from 2014 to 2020.
The motive behind Taj Hotels, now under the ownership of the Tata Group, holding such PII remains unclear. This is noteworthy given the stringent guidelines from the Indian government, which stipulate that businesses in the hospitality sector should not retain sensitive information such as dates of birth and banking details, including card information.
The Indian Computer Emergency Response Team (CERT-IN) has taken cognizance of the situation and is actively engaged in investigating the cyber breach.
In response to the incident, IHCL has released a statement affirming its commitment to prioritizing the protection of customer details. To this end, the company has enlisted the expertise of forensic specialists to conduct a thorough investigation into the extent of the breach.
A notable aspect of this cyber threat is the involvement of a threat actor named “DNA Cookies,” who has demanded a ransom of $5000 for the release of the stolen data. The threat actor has set a specific timeframe for negotiating the ransom payment. Uniquely, the demand extends to payment for the entire dataset, as opposed to providing a sample to verify the authenticity of the compromised information.
Complicating matters further, the cybercriminal has published a segment of the pilfered data on BreachForums, accessible exclusively through the dark web. In a peculiar twist, DNA Cookies has instructed Taj Hotels’ IT staff to initiate contact through a designated member on the forum, explicitly discouraging communication from external sources.
As the investigation unfolds, additional details regarding the scope and impact of the cyber-attack are eagerly anticipated.
