Cyber Incident Victim: Melia Hotels International

On October 4, 2021, Meliá Hotels International experienced a cybersecurity incident that disrupted operations across its Spain-based infrastructure. The attack began in the early hours of Monday, targeting internal networks and web-based servers critical to business functions. Primary impacts included the compromise of the company’s reservation system and public-facing websites, which hindered booking capabilities and digital customer interactions. Multiple Spanish media outlets characterized the event as a ransomware attack, though no ransomware group publicly claimed responsibility or listed Meliá on leak sites during the immediate aftermath. The hotel chain, ranked among the world’s largest with over 370 properties in 40+ countries, prioritized containment by isolating affected systems. It promptly notified Spanish financial regulators and law enforcement agencies while engaging Telefonica’s cybersecurity division for forensic support and recovery assistance.

Meliá’s incident response team initiated restoration procedures using backup systems, enabling a return to normal operations within days. This rapid recovery minimized disruptions to guest services, with hotels continuing to accommodate visitors throughout the incident. The company did not publicly disclose technical details regarding the attack vector, data compromise, or financial impact. A spokesperson declined further commentary beyond confirming remediation efforts, and Spanish authorities maintained silence due to the ongoing investigation. No subsequent updates revealed whether threat actors exfiltrated data or demanded ransom. The incident underscored the operational resilience of Meliá’s backup infrastructure while highlighting persistent threats to critical hospitality sector systems like reservations and customer-facing platforms.