A ransomware group known as NightSpire has claimed responsibility for hacking into Hyatt's systems and stealing data. The group states it has obtained nearly 50GB of files from the hotel chain, which it plans to sell. This incident highlights ongoing cybersecurity threats to the hospitality sector.
The ransomware gang NightSpire announced on January 20, 2026, that it had infiltrated Hyatt's computer systems and extracted sensitive information. According to the group's statement, the breach resulted in the theft of almost 50GB of data, which NightSpire is now offering for sale on underground forums.
Hyatt, a major global hospitality company, has not yet issued an official response to the claim as of the publication date. Such ransomware attacks often involve demands for payment to prevent data leaks, though NightSpire's specific demands remain unclear from available details.
This event underscores the persistent vulnerability of large corporations to cyber threats, particularly in industries handling customer data. Previous incidents in the hospitality sector have led to significant disruptions and financial losses, prompting increased investments in cybersecurity measures.
Experts note that verifying such claims is crucial, as some groups exaggerate breaches for notoriety. However, the volume of data mentioned suggests a potentially serious compromise if confirmed.