TFE Hotels

Summary

TFE Hotels, the Australian hospitality group managing brands including Adina, Vibe, and Travelodge, suffered a significant cyber attack in early March 2025 that disrupted hotel operations across its network. Cyber criminals claimed to have stolen 530 gigabytes of data including financial information and contact details of employees and customers, though no ransom was demanded.

What Happened

On 1 March 2025, TFE Hotels disclosed a cyber incident via social media that impacted its network infrastructure. The attack disrupted critical hotel systems, preventing guests from checking in electronically and requiring phone lines to be rerouted to a central customer service team. Cyber criminals claimed responsibility for the attack and stated they would upload 530 gigabytes of stolen information, including financial records and contact details of employees and customers, though they did not issue ransom demands or provide a publication date.

Impact on Individuals

The breach potentially affects employees and customers of TFE Hotels, with the attackers claiming to have accessed financial information and contact details. Guests experienced significant service disruptions, including inability to check in through normal systems and requiring manual processing by hotel staff.

Organisational Response

TFE Hotels publicly disclosed the incident and began working with cyber security experts to investigate and restore operations. Whilst some systems were restored across the hotel network, recovery proved to be an extended process requiring interim measures such as manual guest assistance and centralised phone support. The company continued serving guests throughout the incident whilst implementing system restoration measures.