Google Responds to Cyberattack on Indonesian Hotels

Incident Overview:

  • Date of Attack: Began on Sunday.
  • Affected Locations: Hotels across multiple regions including West Sumatra, Riau, South Sumatra, Riau Islands, Banten, Jakarta, West Java, Central Java, Yogyakarta, East Java, Bali, and South Sulawesi.

Details of the Attack:

  • Affected Accounts: Google Business accounts of various hotels.
  • Nature of the Compromise:
    • Altered phone numbers replaced with WhatsApp numbers.
    • Modified bank account numbers and reservation details.
  • Impact: Significant risk to consumers, with at least ten reported victims in Central Java.

Google’s Response:

  • Statement: “We encountered a technical issue that caused incorrect modifications to several business profiles. We’ve implemented a solution to prevent further errors and are actively restoring accurate information.”
  • Actions Taken: Restoring accurate information and preventing further issues.

Association’s Response:

  • Indonesian Hotel and Restaurant Association (PHRI):
    • Chairperson: Haryadi B.S. Sukamdani.
    • Current Status: Gathering data, confirmed 92 affected hotels in East Java, 156 in Central Java, and 8 in Lampung.
    • Public Advisory:
      • Verify Information: Use official hotel channels such as social media or websites.
      • Payment Precautions: Confirm bank account numbers and use official accounts.

Next Steps:

  • PHRI’s Plan: Report the incident to the Indonesian National Police.

This cyberattack underscores the importance of vigilance and verification when dealing with online information and transactions. For updates and further information, keep an eye on announcements from Google and PHRI.

Incident Summary:

  • Date of Incident: Attacks began on Sunday.
  • Affected Areas: Hotels across various Indonesian regions including West Sumatra, Riau, South Sumatra, Riau Islands, Banten, Jakarta, West Java, Central Java, Yogyakarta, East Java, Bali, and South Sulawesi.
  • Impact: Compromised Google Business accounts for numerous hotels.

Details of the Attack:

  • Modifications: Hackers altered hotel business profiles by replacing phone numbers with WhatsApp numbers, changing bank account details, and modifying reservation information.
  • Consequences: Significant risk to customers, with ten reported victims in Central Java alone.

Google’s Actions:

  • Statement: Google acknowledged the issue and stated, “We encountered a technical issue that caused incorrect modifications to several business profiles. We’ve implemented a solution to prevent further errors and are actively restoring accurate information.”
  • Current Measures:
    • Restoring correct data for affected hotels.
    • Implementing measures to prevent further unauthorized modifications.

Response from Indonesian Hotel and Restaurant Association (PHRI):

  • Chairperson: Haryadi B.S. Sukamdani.
  • Affected Hotels: At least 92 in East Java, 156 in Central Java, and 8 in Lampung.
  • Advice to Public:
    • Verify hotel details through official channels like hotel websites or social media.
    • Confirm payment details directly with hotels to avoid fraudulent transactions.
  • Planned Actions: Reporting the incident to the Indonesian National Police.

Impact and Recommendations:

  • Consumer Safety: Increased awareness and verification are crucial for consumers making reservations or transactions.
  • Public Guidance: Exercise caution and verify all hotel information directly with the hotel to avoid falling victim to scams.