FAQs
As of 16 October 2023
Unfortunately, the Motel One Group has become the target of a hacker attack. As yet unknown perpetrators penetrated the internal systems and presumably attempted to carry out a so-called ransomware attack. Business operations and thus future reservations were never at risk.
The immediate measures included the commissioning of a certified IT security service provider as well as cooperation with investigative and data protection authorities.
According to the current state of knowledge, customers' address and invoice data in particular were affected, including about 150 credit card records. The credit card holders concerned have already been informed personally.
1. What happened?
The Motel One Group became a victim of a targeted hacker attack. Perpetrators, who have not yet been identified, penetrated the protected IT system. The perpetrators stole data and presumably tried to carry out a so-called ransomware attack. The perpetrators did not succeed in "paralysing" the IT structure. Business operations are running smoothly. Future reservations were also never at risk.
Motel One took immediate action after discovering the theft and is working closely and trustfully with the police, data protection authorities and experienced IT security service providers. The traces of the break-in and the extent of the data theft are currently being evaluated.
2. What data is affected?
According to current knowledge, mainly old invoice data has been stolen, which we have stored within the legal retention periods. The invoices contain the data of your stay, your first and last name, the postal address of the invoice recipient and the payment method (e.g. invoice or Visa/Mastercard). The stolen invoice data generally does not contain a full credit card number or bank details, email address or telephone contact details.
In addition, the perpetrators stole around 150 very specific credit card records from another database. We have already personally informed the affected cardholders about the theft.
We will of course contact any other affected individuals directly if the ongoing investigation should reveal further indications of special risks.
If you have any questions, please contact us at any time at: privacy@motel-one.com
3. What steps has Motel One taken in response to the hacker attack?
We forensically examined the entire IT system immediately after becoming aware of the hacker attack and ensured that no further personal data could be stolen.
In addition, we have informed the competent data protection authorities about the hacker attack and filed a criminal complaint with the police. The police are investigating in close cooperation with our IT experts to find the perpetrator(s).
We are currently analysing the data affected by the attack in great detail and are being supported by a certified IT security service provider. At the moment, we assume that only the named data has been stolen and that our systems are working securely. No malware was found during a comprehensive screening. The route the intruder or intruders used to penetrate our protected system is known and was "closed" immediately.
4. What measures has Motel One taken to protect my data?
We take the protection of your personal data very seriously. We have comprehensive and high security standards to protect your personal data. You can be sure that your data is protected by us. The fact that there has nevertheless been a successful break-in into our systems shows the high criminal energy of the hacker group.
5. What consequences do I have to fear from the hacker attack?
We currently assume that predominantly our guests' address and billing data has been stolen. The stolen billing data does not contain any e-mail address or telephone contact details.
We generally advise you to be careful, regardless of the data theft that has now occurred. As always, you should remain alert if someone tries to use your contact details to get you to behave in certain ways, in particular to disclose further confidential information or to make payments.
6. Has fraud / misuse already occurred with my data?
Neither we nor the investigating authorities are aware of any attempt to date to misuse the stolen data.
7. Has my data been published on the Dark Net?
According to our current knowledge, the hacker group has published stolen data on the Dark Net. According to preliminary findings, the stolen data mainly concerns address and billing information.
In addition, credit card information of around 150 specific credit card holders has been published on the Dark Net. The credit card holders concerned have been personally informed by us and have implemented special precautionary measures. There, too, no attempt at misuse has been reported so far.
8. What does the hacker attack mean for my existing and future hotel bookings?
The hacker attack has no impact on your existing and future hotel bookings. Business operations in our hotels have not been and are not affected by the hacker attack.
9. Do I have to file a formal complaint with the police?
We have informed the relevant supervisory authorities and filed a criminal complaint. If you have indications that your data is being misused, e.g. if you are being contacted by third parties with reference to your data, you can file a complaint with your local police station.
10. Has there been any damage?
To our knowledge, no material damage has been caused to our guests, including the approximately 150 affected credit card holders whose data was stolen.
If you have any indications that your data has been misused, please contact us immediately at the email address privacy@motel-one.com.
11. What future measures will you take to ensure that such an incident does not happen again?
We work closely with experienced information and IT security experts as well as with the relevant authorities to ensure the highest levels of data security at all times.
Even though our systems and organisational instructions are up to date and continuously maintained, attacks cannot be ruled out, neither in our company nor in any other IT system in the world. The police report that, in Germany alone, around 6,000 companies report hacker attacks every year, and the number of unreported attacks is many times higher.
We will continue to do everything we can to protect ourselves against attacks on our IT in the future.