Thousands of Guests at Italian Hotels Hit in Wide-Ranging Cyberattack

A shocking cyberattack has left thousands of guests' sensitive information vulnerable, with Italy's technical agency for digital transformation, AGID, confirming the breach and warning of potential serious consequences for victims.

A threat actor using the alias "mydocs" recently took to underground hacking forums to advertise the sale of around 100,000 individual identity documents, including passport scans, ID cards, and more. The stolen data was allegedly obtained from multiple hotels across Italy, sparking initial skepticism among cybersecurity experts. However, AGID has now confirmed the authenticity of the breach, revealing that at least ten hotels were targeted.

AGID warned that the stolen data can be used for a range of fraudulent purposes, including creating false documents, opening bank accounts, and conducting social engineering attacks. The consequences for victims could be severe, with potential impacts on both economic and legal fronts.

The hospitality industry is among those most frequently targeted by cyberattacks, with hotels, lodging companies, restaurants, event planning agencies, and tourism businesses all falling victim to ransomware, impersonation, and data theft. In this case, it appears that mydocs either exaggerated the number of stolen documents or managed to steal years' worth of sensitive data from some of the affected hotels, which have only a few dozen rooms.

An official investigation is now underway, as authorities work to determine the full extent of the breach and identify those responsible. In the meantime, victims are being urged to remain vigilant with incoming communications, particularly emails that appear to be coming from Italian hotels.

Experts emphasize the importance of vigilance in this situation, highlighting the hospitality industry's vulnerability to cyberattacks due to its handling of sensitive data. As such, businesses must prioritize cybersecurity measures to protect their customers' information and prevent similar breaches in the future.

Stay ahead of the curve with the latest news and insights on cybersecurity and IT. Sign up for the TechRadar Pro newsletter to receive top-notch content and expert guidance tailored to your business needs.