A four-star resort in the Austrian Alps reportedly paid a $1,600 ransom to regain control of its hacked computer system.
The Romantik Seehotel Jägerwirt's systems were knocked offline earlier this month, temporarily interfering with electronic room keys and guest check-ins. It's the third time the hotel suffered an attack, but the first time hackers managed to gain full control.
At the time of the attack—opening weekend of the winter season—the hotel was booked solid with 180 guests, managing director Christoph Brandstaetter told Austrian news site The Local.
Contrary to initial reports, however, no guests were stranded inside or out of their rooms, company spokeswoman Christina Brandstätter told PCMag.
"Sorry to tell you—this is FAKE and wrong information," she wrote in an email. "We have been hacked but no guests were locked in or out." Brandstätter declined to comment further on the reports. Even so, losing access to the electronic room key system suggests some kind of manual override would have been required to allow continued access.
According to The Local, hackers promised to restore the hotel's system in exchange for 2 Bitcoin (€1,500/$1,600)—to which Seehotel Jägerwirt agreed.
"Neither police nor insurance help you in this case," Brandstaetter lamented to The Local. "The restoration of our system after the first attack in summer has cost us several thousand euros. We did not get any money from the insurance so far because none of those to blame could be found."
It was cheaper and faster, he said, to simply pay the requested ransom.
- Ransomware Offers Victims Free Decryption For Infecting Their FriendsRansomware Offers Victims Free Decryption For Infecting Their Friends
"Every euro that is paid to blackmailers hurts us," Brandstaetter continued. "We know that other colleagues have been attacked, who have done similarly."
The ski resort—which suffered two attempts before the cybercriminals broke through—is not alone: A recent study from IBM Security found that 70 percent of businesses infected with ransomware have paid money to regain access to their data and systems.
St. Louis Public Library, meanwhile, managed to regain access to affected servers following a city-wide attack last week—without paying a penny of the demanded $35,000 ransom.