[RALORD] – Ransomware Victim: NewHotel cloud company
Ransomware Group: RALORD
VICTIM NAME: NewHotel cloud company
NOTE: No files or stolen information are [exfiltrated/downloaded/taken/hosted/seen/reposted/disclosed] by RedPacket Security. Any legal issues relating to the content of the files should be directed at the attackers directly, not RedPacket Security. This blog is simply posting an editorial news post informing that a company has fallen victim to a ransomware attack. RedPacket Security is in no way affiliated or aligned with any ransomware threat actors or groups and will not host infringing content. The information on this page is fully automated and redacted whilst being scraped directly from the RALORD Onion Dark Web Tor Blog page.
AI Generated Summary of the Ransomware Leak Page
The ransomware leak page pertains to a cyberattack targeting the company operating the Newhotel Cloud system, a cloud-based Property Management System (PMS) used in the hospitality industry. The attack was publicly disclosed on April 15, 2025. The breach involves data associated with hotel operations, potentially affecting client information and internal system configurations. The page includes a screenshot of a compromised system and references to leaked data, indicating that sensitive information may have been accessed or exfiltrated by cybercriminals. No detailed PII or specific customer data are disclosed in the leak summary.
The attack appears to have impacted a hospitality technology provider based in Spain. The breach is part of a larger pattern of attacks against cloud-based service providers in the industry, aiming to disrupt hotel management services and extract valuable operational data. While the incident details are limited, the page provides a link to a claim site for further information, emphasizing the seriousness of the breach. No information about the number of affected clients or specific leaked files is publicly available, but the presence of a screenshot suggests visual evidence of compromised internal systems. The incident is associated with a hacking group identified as ‘ralord.’
A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
If you like the site, please support us on “Patreon” or “Buy Me A Coffee” using the buttons below
To keep up to date follow us on the below channels.
