Guesty reports a ransomware claim attributed to the LITELLM/TRIVY CAMPAIGN (TEAMPCP) and vect, with approximately 700GB of data exfiltrated, including the userbase and Airbnb/Booking.com information, while negotiations are ongoing. Approximately 4 million emails with attachments were sent or received, and a 9d 8h deadline applies to the breach affecting the property management sectorβs internal projects #Israel
Incident Details
- Victim: guesty, LITELLM/TRIVY CAMPAIGN (TEAMPCP)
- Sector: Technology
- Country: IL
- Actor: vect
- Source:
- Discovered: 2026-04-15 19:08:31.637742
- Published: 2026-04-15 00:00:00.000000
Information
- Guesty
- LITELLM/TRIVY campaign (TEAMPCP)
- IL (Israel)
- Threat actor vect
- Status: Negotiating
- Property management sector
- Internal projects
- 4 million sent/received emails with attachments
- Userbase
- Airbnb and Booking.com data stolen from Guesty
- Data size: 700 GB
- Deadline: 9 days 8 hours
Disclaimer: This post is based on public claims made by the ransomware group "vect". I cannot confirm the accuracy of the information. However, I would be happy to share any official statement from the affected organization to provide clarification.