Lodging provider Red Roof has confirmed the company experienced a ransomware attack on Sept. 23, involving a “limited subset” of data that did not include guest information, the company announced Friday.
According to Red Roof, the company discovered “unauthorized access” that presented “hallmarks of a ransomware attack” Sept. 23. In response, the company “immediately” moved impacted systems offline and began “implementing software and hardware to prevent, detect and respond to unauthorized activity,” the company said in a statement. In doing so, Red Roof confined the security breach to a small number of systems, according to the company.
Following an internal investigation, Red Roof confirmed no guest data was involved in the breach, but a “limited number” of information was copied from the company’s network.
Additionally, Red Roof confirmed the individuals “whose information was potentially involved,” the company said, adding that there is “currently no indication that any Information [copied from Red Roof’s network] has been misused for identity theft or fraud in connection with this Incident.”
