Please ensure Javascript is enabled for purposes of website accessibility

Hackers held the Romantik Seehotel Jaegerwirt, a beautiful luxury hotel in the Alps, ransom by disabling their key creation system. The attack left the hotel completely unable to make new electronic hotel keys for guests. Checking in new guests was suddenly impossible.

The hotel was completely booked when the attack happened. The disruptions was a nightmare for their operations, and the hotel decided that is was faster and cheaper to pay the ransom than try to get the systems back up and running.

Some outlets initially reported that guests were locked in or out of their rooms. This was not the case. The attack simply disabled the key creation system. Had the hackers actually managed to kill the locks on each room (not entirely sure this is possible since the locks should be entirely mechanical on the inside), it would have been a much scarier scenario.


Oh, you need to make room keys? That’ll cost you

What were the hackers demands? The sum of 1,500 EUR (equivalent to ~$1,600 USD), paid in Bitcoin. The attackers promised to have the system back up and running quickly upon payment. The hotel complied, saying that they had no other choice.

According to the manager, the hotel is now planning to make the transition back to real, physical keys for their rooms. This would completely eliminate this particular threat, but it may come with other costs, such as guests losing physical keys.

Personally, I think the hackers were clever on two counts (not that I am condoning the attack in any way): (1) they hit the hotel when it was fully booked, and (2) they asked for a reasonable amount of money, one that the hotel might actually pay to get rid of the inconvenience. The demand of 1,500 EUR is roughly the price of 5 standard rooms for one night. Enough to hurt a bit, but low enough that the hotel would likely comply.

Points With a Crew has partnered with CardRatings for our coverage of credit card products. Points With a Crew and CardRatings may receive a commission from card issuers. Responses are not provided or commissioned by the bank advertiser. Responses have not been reviewed, approved or otherwise endorsed by the bank advertiser. It is not the bank advertiser's responsibility to ensure all posts and/or questions are answered. Other links on this page may also pay me a commission - as always, thanks for your support if you use them