vicesociety attacks ICEHOTEL

Incident Date:

March 23, 2022

World map



vicesociety attacks ICEHOTEL








First Reported

March 23, 2022

Icehotel Ransomware Attack

The Icehotel, a renowned Swedish landmark and a must-visit destination for travelers worldwide, has been targeted by the ransomware group vicesociety. The attack was announced on the group's dark web leak site. The Icehotel is known for its unique ice rooms and art suites, which are redesigned and rebuilt each winter, offering a one-of-a-kind experience for visitors.

Company Overview

The Icehotel is a part of the Hospitality sector and has been in operation since 1989. It is located in Jukkasjäarvi, Sweden, and is a popular tourist attraction, attracting visitors from all over the world. The company is known for its commitment to sustainability and the environment, as it is built using ice harvested from the Torne River each winter.


The Icehotel's website does not provide detailed information about the company's size or its specific vulnerabilities that led to the ransomware attack. However, it is known that ransomware attacks often exploit vulnerabilities in outdated software, unpatched systems, or weak passwords. In the case of the Icehotel, it is unclear whether these or other factors contributed to the successful attack by vicesociety.

The Icehotel ransomware attack is a reminder of the ongoing threat posed by cybercriminals to businesses and organizations across all sectors. While the specific details of the attack are not yet available, it is crucial for companies to prioritize cybersecurity measures to protect their systems and data from such attacks.


Recent Ransomware Attacks

The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.

The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.