#hhonors — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #hhonors, aggregated by home.social.
-
Update on the Cl0p gang's ransom of Hilton data:
It looks like cl0p has published the stolen data.
(I checked at around 18:30 UTC, so that's when I spotted it, although they likely published earlier than that, but I did check yesterday, so it's been in the last 24 hours)
So - yes, it is indeed being distributed via torrent, which seems to be the gang's new SOP after the MOVEit breach - so those folks who participate in the torrent swarm should be able to glean a good deal of intelligence about the other folks who are downloading that data.
While I don't have any details on the actual contents of the shared data, I am certain that there will be many a white/grey/black hat joining in to participate in seeing what's contained therein.
Note: I certainly do not recommend for anyone to actually join the swarm, given the nature of the BitTorrent protocol.
Best suggestion in this case is wait to see if there is an announcement on https://haveibeenpwned.com/, and maybe check to see if your email address is exposed in any other breaches while you are there
That's not to say that you should sit by and do nothing while you wait with bated breath for other folks to figure out the potential damage.
If you haven't reached out to Hilton already - feel free to engage them in answering some or all of the following questions
- Are you aware that the ransomware gang cl0p has claimed that they have breached Hilton.com?
- Are you aware that the ransomware gang cl0p is currently disseminating this stolen data at the moment?
- Can you confirm that this breach notification is legitimate?
- Do you have an idea of what data was allegedly stolen, how much and when?
- Has the vulnerability that led to this alleged breach been identified and remediated?
- Is there any personally identifiable information (PII) included in the corpus?
- Is my PII included in that corpus?
- Is there a plan to notify affected individuals and/or provide remediation or credit monitoring?
Feel free to peruse the linked post for additional contact information for the folks at Hilton.
While I do believe that it is good that the Hilton folks do not appear to have engaged in negotiation or payment with the threat actor in this case, there's no reason why folks shouldn't shine some heat and light on them, given that I still haven't seen any notification or press release from them with regards to any potential breach.
#hhonors #ice #Hilton #USPol #HiltonBoycott #ransomware
Original post:
https://infosec.exchange/@cjust/115979501842463398
-
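Added example, not part of any post above: the post notes that anyone in the torrent swarm can "glean a good deal of intelligence" about the other downloaders, and that is a property of the protocol, not of the leak. A tracker announce response hands every client the IP and port of other swarm members (BEP 3, and the compact form in BEP 23), and each client's own announce registers its IP with the tracker in turn. The decoder and sample response below are mine; the addresses are documentation ranges, not real peers.

```python
"""Parse a BitTorrent tracker announce response and list the peers it exposes.

Constructed example: every peer that announces to the tracker receives a list
of other peers' IP:port pairs, so joining a leak torrent's swarm discloses
your address to everyone else in it (and theirs to you).
"""
import ipaddress
import struct


def bdecode(data: bytes):
    """Decode a bencoded value (BEP 3): ints, byte strings, lists, dicts."""
    value, pos = _decode(data, 0)
    if pos != len(data):
        raise ValueError("trailing bytes after bencoded value")
    return value


def _decode(data: bytes, pos: int):
    c = data[pos:pos + 1]
    if c == b"i":                                   # integer: i<digits>e
        end = data.index(b"e", pos)
        return int(data[pos + 1:end]), end + 1
    if c == b"l":                                   # list: l<items>e
        pos += 1
        items = []
        while data[pos:pos + 1] != b"e":
            item, pos = _decode(data, pos)
            items.append(item)
        return items, pos + 1
    if c == b"d":                                   # dict: d<key><value>...e
        pos += 1
        result = {}
        while data[pos:pos + 1] != b"e":
            key, pos = _decode(data, pos)
            if not isinstance(key, bytes):
                raise ValueError("dict keys must be byte strings")
            result[key], pos = _decode(data, pos)
        return result, pos + 1
    if c.isdigit():                                 # byte string: <len>:<bytes>
        colon = data.index(b":", pos)
        length = int(data[pos:colon])
        start = colon + 1
        return data[start:start + length], start + length
    raise ValueError(f"bad bencode at offset {pos}")


def peers_from_tracker_response(raw: bytes) -> list[tuple[str, int]]:
    """Return (ip, port) for every peer in an announce response.

    Handles the compact form (6 bytes per IPv4 peer under 'peers', 18 bytes
    per IPv6 peer under 'peers6') and the older list-of-dicts form.
    """
    resp = bdecode(raw)
    if b"failure reason" in resp:
        raise RuntimeError(resp[b"failure reason"].decode(errors="replace"))
    peers: list[tuple[str, int]] = []
    peers4 = resp.get(b"peers", b"")
    if isinstance(peers4, bytes):                    # compact form
        for off in range(0, len(peers4) - len(peers4) % 6, 6):
            ip = str(ipaddress.IPv4Address(peers4[off:off + 4]))
            (port,) = struct.unpack("!H", peers4[off + 4:off + 6])
            peers.append((ip, port))
    else:                                            # non-compact: list of dicts
        for p in peers4:
            peers.append((p[b"ip"].decode(), int(p[b"port"])))
    peers6 = resp.get(b"peers6", b"")
    for off in range(0, len(peers6) - len(peers6) % 18, 18):
        ip = str(ipaddress.IPv6Address(peers6[off:off + 16]))
        (port,) = struct.unpack("!H", peers6[off + 16:off + 18])
        peers.append((ip, port))
    return peers


# Constructed sample announce response: two IPv4 peers in compact form and one
# IPv6 peer. Addresses come from documentation ranges (RFC 5737 / RFC 3849),
# not from any real swarm.
SAMPLE_RESPONSE = (
    b"d8:intervali1800e5:peers12:"
    + ipaddress.IPv4Address("198.51.100.7").packed + struct.pack("!H", 6881)
    + ipaddress.IPv4Address("203.0.113.9").packed + struct.pack("!H", 51413)
    + b"6:peers618:"
    + ipaddress.IPv6Address("2001:db8::1").packed + struct.pack("!H", 6881)
    + b"e"
)

if __name__ == "__main__":
    for ip, port in peers_from_tracker_response(SAMPLE_RESPONSE):
        print(f"{ip}:{port}")
```

The same list a curious analyst pulls from the tracker is the list every other downloader pulls, and the analyst's own announce put them on it; that is the reason the post advises staying out of the swarm and waiting for a Have I Been Pwned listing instead.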
So for many folks - cancelling their Hilton Honors membership was a way to let the chain know that their handling of the situation in Minneapolis was unacceptable.
Nice techdirt article and template for those perhaps looking to do the same https://www.techdirt.com/2026/01/07/dear-hilton-lose-my-number/
Now it appears that the #Cl0p folks claim to have breached Hilton.com - but have yet to publish any data. After following cl0p in a previous life, my estimate is that they've found some novel way to breach a specific technology that many of these companies have deployed, have been immensely successful in compromising a large number of them, and are now inundated with data that they have to wade through.
(first detection I am aware of was at 2026-01-25 15:14:45 UTC)
However - I do have confidence that Hilton will not pay them and the data will [eventually] be published to The Dark Web™. (Or more accurately - probably via BitTorrent)
(you can point your Tor-enabled browser of choice to http://santat7kpllt6iyvqbr7q4amdv6dzrh6paatvyrzl7ry3zm72zigf4ad[.]onion/hilton-com for any updates - the attached screenshot is from there)
What that means for folks that did cancel their membership is that their data is likely going to be leaked to various and sundry criminal elements and probably lead to increased cyber-type headaches such as spam, phishing and identity theft for anyone involved. (Note that this is also true for anyone who did not cancel their Hilton Honors membership.)
Going to preface this next bit by indicating that I'm not a lawyer nor do I play one on TV - and that no sane person should take legal advice from me or anyone else who is not a practicing lawyer lest you end up being the star of one of those "sovereign citizen" clips on youtube.
Now - there probably is a way to help translate at least some of this into pain for the Hilton chain. If you are in the EU - GDPR does provide a lot of leverage for individuals in terms of data and privacy protection. As data breaches are more common - and you do live in Europe - you may already have some tools to point in Hilton's general direction.
(Of note as well is that the GDPR 72-hour notification window starts once the company is "aware" of the breach - and there may be some convoluted verbiage on what that actually means, but your report/request as a European person may be what actually starts that clock.)
If you don't live in Europe - the folks at DLA Piper have a fairly substantial breakdown of breach requirements by country - but may give you some pointers in keywords to be using when communicating with their agents based on your locale.
https://www.dlapiperdataprotection.com/?t=breach-notification
Additionally - if you have the time (and patience) to deal with someone on the phone - this is the sort of inquiry that will need to be escalated to a human (i.e. will cost Hilton money) to answer.
https://www.hilton.com/en/help-center/global-phone-numbers/
You may also want to reach out via any of the emails listed in the techdirt article above
This may be of some assistance in providing - at the very least - some time and cycle burn for their public relations folks, who are probably also very busy trying to put some spin on some of their other PR disasters.
Some questions that you may want to ask anyone that you get a hold of via phone, email, or carrier pigeon:
- Are you aware that the ransomware gang cl0p has claimed that they have breached Hilton.com?
- Can you confirm that this breach notification is legitimate?
- Do you have an idea of what data was allegedly stolen, how much and when?
- Has the vulnerability that led to this alleged breach been identified and remediated?
- Is there any personally identifiable information (PII) included in the corpus?
- Is my PII included in that corpus?
- Is there a plan to notify affected individuals and/or provide remediation or credit monitoring?