Hotelogix

Group

shadowbyt3$

Status

Data leaked

Country

SG

Sector

Hospitality and Tourism

Listed on leak site

May 14, 2026

Hotelogix is a cloud-based hotel management software provider founded in 2008 and trusted by hotels globally, including clients in the Asia-Pacific region. The company offers a property management system (PMS) covering reservations, front desk operations, housekeeping, point of sale, and analytics. It serves independent hotels and hotel chains, with client data hosted on cloud infrastructure including Amazon S3 and Azure Blob Storage.

ShadowByt3$ claims to have exfiltrated approximately 6 GB of data from misconfigured Amazon S3 buckets and Azure Blob Storage belonging to Hotelogix, including internal corporate documents and client-specific data such as guest PII, payment processing details, and stay records belonging to at least one named client (Treebo Hotels). The group has set a ransom demand of $500,000 in BTC or Monero with a deadline of April 14th, threatening public release of all data if unpaid.

• Internal operational manuals
• Product upgrade / software documentation PDFs
• Branding assets (logos, templates, marketing materials)
• Client guest names, phone numbers, and home addresses
• Guest stay details (arrival/departure dates, room numbers, room types)
• Payment processing details (last four digits of cards, transaction IDs, billing amounts, GST/SGST breakdowns)
• Customer folios / invoices (Treebo Hotels)

We are ShadowByt3$. We have claimed responsibility for hacking Hotelogix. They have been breached through there amazon s3 buckets and azure blobs. They were misconfigured which allowed us to scrape everything inside. This has been are latest campaign. If you don't pay $500,000 in btc or monero all data gets leaked. We are not joking and not playing we will. As you can tell in the sample in the data leak site or url below. We are giving you until April 14th at 12:20 it expires. It gets released. DarkWebinformer if you see this contact us asap through are telegram. Any researchers you can contact them and verify data. Also let them know what we have and have 6gb of data. Tell them if they don't pay by that date they get released and is not being put up for sale. Make the right decision and just getting law enforcement involved is just going to make it worse and as you can see they are helpless and don't do shit about you and don't care about companies. Look at how many companies get reported to the feds, you really think there going to help you. If you do your wrong. You can try to stop us but it doesn't stop the leaks from already being leaked and passed around other researchers or criminals. The following below was stolen: 1. Internal Corporate Data This data pertains to Hotelogix's own business operations and software development: - Operational Manuals: Internal guides for staff on how to use and manage their cloud-based systems. - Product Upgrade PDFs: Documentation detailing recent or upcoming software updates, which can reveal specific system architectures. - Branding Assets: Official logos, templates, and marketing materials (often used by hackers to create more convincing phishing emails). 2. Client-Specific Data (Treebo Hotels) The most critical part of the breach involves data belonging to Hotelogix’s clients. For Treebo Hotels, the stolen files include: - Customer Folios (Invoices): As seen in your image, these contain guest names, phone numbers, and home addresses. - Guest Stay Details: Specific dates of arrival and departure, room numbers, and room types (e.g., "Promotional Room Rent Oak"). - Payment Processing Details: While full credit card numbers are often encrypted, "processing details" can include: Last four digits of cards. Transaction IDs and dates. Billing amounts and tax breakdowns (GST/SGST).

• Victim sitehotelogix.com

This page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.