
Cyber Incident Victim: The Piccadily

Date: Feb 2019

Location: India

Summary

A ransomware attack targeted The Piccadily hotel, encrypting critical operational data including financial records and inventory details, rendering systems inaccessible. Staff discovered the breach during routine updates when pop-ups demanded payment for decryption, followed by system crashes after attempted reboots. The attackers provided communication channels for ransom negotiations, prompting the hotel to involve law enforcement and private cybersecurity experts. Despite an investigation focused on tracing the perpetrators' digital footprint through the malicious link and email, data recovery remained unsuccessful. Initial forensic analysis suggested phishing as the likely intrusion vector for deploying the malware that locked the hotel's historical business data.


Description

On February 27, 2019, at approximately 11:45 PM, staff at The Piccadily, a five-star hotel in Lucknow, encountered a system disruption while updating monthly business data. The computers displayed pop-up messages stating, "Oops, your important files are encrypted," rendering the system inaccessible. After attempting to resolve the issue by rebooting, the system crashed completely. Hotel management subsequently engaged a software engineer to diagnose the malfunction, leading to the identification of a ransomware attack. During recovery efforts, a link appeared on the screen directing to a ransom demand message, which declared the system would remain blocked until payment was made. Attackers provided an email address for further communication. The compromised data included the hotel’s accounting records, billing details, and inventory cycles spanning from 2012 through February 27, 2019.


Jitendra Kumar Singh, the hotel’s finance controller, filed a formal complaint (FIR) with the Lucknow Cyber Cell on March 9, 2019. Police initiated an investigation but were unable to recover the encrypted data at the time of reporting. Deputy Superintendent Abhay Mishra, the nodal cyber cell officer, confirmed this was the city’s first documented ransomware incident and disclosed efforts to trace the attackers’ IP address linked to the ransom message. The hotel also enlisted private cyber detectives to assist in the probe. Independent cybersecurity expert Prateek Dubey assessed that the attackers likely infiltrated the system via phishing, deploying malware to encrypt and lock critical data. The ransom demand reportedly involved Bitcoin, though specific payment instructions or amounts were not disclosed in the FIR or public statements. No operational or financial impact details beyond data inaccessibility were confirmed in available reports.
