Omni Hotels says widespread outages caused by cyberattack

Omni Hotels & Resorts confirmed on Wednesday evening that recent technology outages were caused by a cyberattack that was first discovered last Friday. 

The U.S.-based chain — which operates 50 hotels and resorts across North America — has been dealing with technological issues all week making it difficult for guests to check in and make new reservations. 

Customers have flooded social media platforms with complaints about a range of issues they endured  when staying at Omni-owned hotels this week. Bleeping Computer was first to report on the outages. 

In updated messages posted to social media, the hotel chain said the incident began on March 29 and forced its  IT team to shut down affected systems “to protect and contain its data.” 

“As a result, certain systems were brought offline, most of which have been restored. Omni quickly launched an investigation with a leading cybersecurity response team, which is ongoing,” the company said. 

“As our team works diligently to restore the remainder of the systems to full functionality, we continue to welcome our guests and accept new reservations.”

A spokesperson for Omni Hotels declined to answer questions about whether the incident was a ransomware attack, instead directing Recorded Future News to an FAQ document that said the situation had been resolved.

The document said the company is still working to determine the scope of the attack to see whether customer data was stolen. 

The company apologized for the “disruption and inconvenience” for current customers. 

No ransomware gang or hacking group has taken credit so far. 

The issues reported by customers — which included hour-long waits to check in, issues changing reservations, and an inability to call certain offices — resemble those seen last fall during a ransomware attack on MGM in Las Vegas. 

At least one Omni customer wrote on Reddit that she was forced to contact the front desk to get someone to open her door, and the process took more than 30 minutes. 

One alleged employee said it was a “stressful week” because of the technology outages, arguing that the chain will “surely lose millions over this attack and lose loyal customers.”