Cyber Incident Victim: Großarl

On the morning of Wednesday, January 1, 2025, unidentified attackers executed a cyberattack against a hotel in Großarl, Austria, by deploying encryption malware on the hotel’s computer systems. The attackers successfully locked the hotel out of its operational infrastructure and encrypted all data stored on the business’s server. Following the encryption of the systems, the perpetrators contacted the hotel to demand a ransom payment of 0.15 Bitcoin, equivalent to approximately €14,000 at the time, in exchange for restoring access to the encrypted data. The hotel management chose not to comply with the ransom demand, opting against transferring the cryptocurrency to the attackers. Law enforcement authorities confirmed the incident but did not disclose whether the attackers exploited specific vulnerabilities or the duration of the system lockdown.

The attack disrupted the hotel’s operational capabilities by rendering its computer systems inaccessible, though the exact scope of affected functions—such as reservations, payments, or internal communications—was not detailed in initial reports. No guest data breaches or physical safety incidents were mentioned as direct consequences. The hotel’s refusal to pay the ransom left the encrypted systems unrecovered at the time of reporting, with the total financial impact—including operational losses, recovery costs, or data restoration expenses—remaining unquantified. Police investigators did not identify the attackers or their methods beyond the use of encryption software, and no claims of data exfiltration or secondary threats were reported. The incident remained under active investigation with no public updates regarding system restoration timelines or forensic findings.