NightSpire ransomware gang alleges Hyatt breach, leaks data

Cybernews reports that major U.S. multinational hospitality company Hyatt was claimed to have been breached by the NightSpire ransomware operation, which has offered a free download of 48.5 GB of data purportedly pilfered from the Hyatt Place Chelsea New York hotel.

Analysis of the data samples revealed invoices, expense reports with employees' complete names, contact details, signatures, and partner company information, according to the Cybernews research team, which suspects the files to have been stolen from the hotel's internal CMS.

"If employee credentials prove to be compromised, the risk goes beyond scams. Stolen logins can be exploited to access internal tools, read sensitive communications, or move laterally across Hyatt's network," researchers added.

Such a development comes almost a year after Hyatt had its workers' data inadvertently exposed by a misconfigured AWS bucket owned by its hiring and onboarding provider Foh&Boh. Meanwhile, NightSpire was noted by SOCRadar to have mostly targeted the U.S. since its emergence last March.