Ransomware victim disclosure
← All victimsholidaypalace
Claimed by Stormous · listed 2 months ago
Status timeline
- ListedMay 2, 2026
- Data leakeddate unknown
At a glance
- Group
- Stormous
- Status
- Data leaked
- Country
- Macao SAR China
- Sector
- Hospitality and Tourism
- Listed on leak site
- May 2, 2026
About the victim
AI dossier — public-source company profileHoliday Palace is a hospitality and tourism entity operating in Macau (MO), likely a hotel or casino-resort property given the sector classification and regional context. The company handles guest bookings, payments, and identity verification documents as part of its operations. No public website content was available to further confirm scale or ownership.
- Industry
- Hospitality & Casino Resort
Attack summary
Severity: critical — The group claims exfiltration of regulated PII at scale including government-issued identity documents (passports, ID cards), financial/payment data, and personal identifiers — constituting a high-sensitivity regulated data breach affecting potentially large numbers of hotel/resort guests.The Stormous group claims to have obtained full system access and exfiltrated all data, including user PII, payment and booking records, and government-issued identity documents (ID cards and passports); the data is being offered for sale.
Data the group says was taken
AI dossier — extracted from the leak post- Email addresses
- Phone numbers
- Full names
- Dates of birth
- Payment data
- Booking data
- ID card scans
- Passport scans
- Full system access credentials
What the group claims
All of this data is offered for sale (user information: email, phone number, full name, date of birth / payment and booking data / ID cards and passports used in booking processes / full access was obtained to the system and all data was extracted).
Source
Indexed 2 months agoThis page surfaces a public ransomware disclosure indexed by Darkfield. Original posts come from the operator's own leak site; we cross-check against ransomware.live, RansomLook and RansomWatch where applicable. Share this URL freely.
Is this your supplier? Your competitor? You?
Pro plans monitor your domain, corporate emails, and crypto wallets across every new ransomware leak-site post, breach dump and Telegram callout — alerts within 5 minutes.

