Ransomware attack hits Myrtle Beach tee times. How courses have overcome potential chaos
Golfers arriving at the three-course Myrtle Beach National golf facility on Monday morning were hit with a number of odd questions.
What’s your tee time? How many players are in your group? What course are you playing? Have you prepaid? If you haven’t paid, what rate were you quoted?
Normally, all of that information is available based on the name on a tee time sheet.
But Monday was no normal day at Myrtle Beach National. There were no names. There were no tee sheets.
The facility’s staff essentially took the word of 380 players regarding their course, tee time, rate and payment status.
“We were flying blind Monday morning. It was quite comical to say the least,” said Myrtle Beach National head pro and general manager Ryan Ruddy.
The facility’s layouts were among more than 60 Myrtle Beach area courses impacted by a ransomware attack that left them without online tee sheets.
The courses are members of the Golf Tourism Solutions marketing and technology agency that promotes the Myrtle Beach golf market, and GTS’ online tee time system, known as Omni, was being housed by the Opus Interactive web hosting provider based in Portland, Oregon.
The Opus Interactive data center was hit with a ransomware attack at 2:30 a.m. Monday morning — all files were frozen by hackers who are demanding a ransom payment from Opus to unfreeze them — so businesses and organizations doing business with Opus lost access to all of their products being stored there.
GTS reestablished its online tee sheets at 2 p.m. Thursday, and 62 accommodations providers and golf package providers that are GTS members regained access to book online rounds Friday. The public should be able to book rounds online again sometime Saturday.
But rounds were undoubtedly lost because of the cyber attack, the week was quite a challenge for the industry, and Monday was chaotic for some.
“At 6 in the morning I got a phone call from one of my openers saying, ‘Hey, um, we don’t have any tee sheets.’ . . . And I’m like, ‘Huh?’ “ said Ruddy, who tried to verify rates and payment status Monday in instances when he could. “. . . We don’t have anything. We don’t know who, what time? It was just comical that we’re asking people like, ‘Hey, what did they quote you?’ It was like 100 percent on the honor system. We didn’t have any issues, but it’s kind of funny.”
Enduring the ransomware attack
Most courses were saved from anarchy Monday by the longstanding practice of printing the next day’s tee sheets at the close of business for outside workers including bag drop attendants and starters. So they had printed tee sheets to go by.
Though some courses, like Myrtle Beach National, tend to print those at the start of business the same day.
Anything booked on Omni tee sheets by 9 p.m. Sunday was still retrievable, so GTS emailed the week’s daily tee sheets to each golf course Monday night.
The Grand Strand is in the midst of the busy and lucrative spring golf season, and though the day after Mother’s Day is typically slower, courses likely still averaged more than 150 golfers each on Monday, with more progressively during the week.
Because rounds could only be booked via the phone or walk-ins, some rounds and revenue were lost this week.
“The golf courses have been old-schooling it, working off a printed tee sheet and the telephone. They’ve done a tremendous job this week working from a difficult situation,” said Tracy Conner, GTS’ director of technology services and executive director of the Myrtle Beach Area Golf Course Owners Association.
“I’m sure if this event didn’t occur we would have played more rounds of golf than we did, but I can’t quantify that,” Conner said.
At the Barefoot Resort pro shop that manages three courses, two extra staff members were working Friday morning to handle the amount of players teeing off combined with the number of calls to book rounds. “We’re very busy with the phones playing catch-up,” Barefoot Resort general manager Dave Genevro said.
Conner was alerted at 5:30 a.m. Monday that the tee times were offline and access wasn’t available, and he learned mid-morning Monday that it was a ransomware attack. He said Opus Interactive assures that no customer data was exposed or compromised.
GTS is contracted with the software company Sagacity to manage the Omni system including housing services, and Sagacity specialists began working Monday to reestablish the tee time network using backup data, and moved it to the Microsoft Azure host.
“This host environment is one of the most secure environments in the world,” Conner said. “We’re taking steps and corrective measures so the likelihood of this happening in the future is mitigated.
“With that being said, we are very proud of our entire team and what they’ve been able to accomplish in a matter of four short days. I have people who have probably slept six hours in four days, the amount of work they’ve done to get us up and going this quickly.”
