According to a post from a threat actor on a dark web forum, more than 5 million client data from Omni Hotels & Resorts are for sale. The threat actor indicates that the breach occurred in 2024. The hotel chain operates in the United State of America and in Canada.
A sample data is included in the post. According to the sample data information such as name and surnames, emails, visit dates, zip codes, states and country information are exposed.
The threat actor also included a Telegram handle in the post for further communication.