Ransomware victim disclosure
← All victimsHotel Avenida, Hostal Espoz y Mina, Hostal Arriazu, Pension Alemana
Claimed by Trigona · listed 2 years ago
Status timeline
- ListedFeb 28, 2024
- Data leakeddate unknown
At a glance
- Group
- Trigona
- Status
- Data leaked
- Country
- Spain
- Sector
- Hospitality and Tourism
- Listed on leak site
- Feb 28, 2024
About the victim
AI dossier — public-source company profileA boutique hospitality collection comprising multiple small hotels and hostels operating across Spain and Portugal, including properties in Lisbon and Pamplona. The group operates under individual brand names (Hotel Avenida, Hostal Espoz y Mina, Hostal Arriazu, Pensión Alemana) offering budget to mid-range accommodations.
- Industry
- Hospitality & Tourism – Budget Accommodations (Hostels & Small Hotels)
Attack summary
Severity: high — Multiple hospitality properties compromised with published data. Likely includes guest PII and payment information at scale across multiple locations. Data has been disclosed publicly.Trigona claims to have compromised multiple properties within this hospitality collection. The group has published data but the specific nature of the exfiltration (operational data, guest records, financial information) is not detailed in the available post excerpt.
Data the group says was taken
AI dossier — extracted from the leak post- Guest records (likely)
- Booking/reservation data (likely)
- Payment information (likely)
- Staff/operational data (likely)
What the group claims
Welcome to the Boutique Hospitality Collection, where every property offers a unique and unforgettable experience for guests seeking comfort, convenience, and charm. From the cosmopolitan streets of Lisbon to the historic city center of Pamplona, our collection of hotels and hostels promises exceptional accommodations and personalized service.
Sources
Source
Indexed 2 years agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

