Back to Blog
high severity January 25, 2026 · scope unconfirmed

WHISKIJACKRESORTS.COM Listed by clop Ransomware Group

[AI generated] Whiski Jack Resorts is a hotel and resort service company based in Whistler, Canada. They offer a variety of accommodations including condominiums, townhouses, and boutique hotels all located in the heart of Canadian skiing country. Along with the luxury accommodations, they offer tailor-made skiing packages and adventure activities such as golf, mountain biking, and hiking. Some of their resorts also offer amenities like hot tubs, swimming pools, and fitness centers.

⚠ Were you affected?
Free email scanner — we check your address against 15.4B+ leaked records in 15 seconds.
Run free scan →
Severity High
Disclosed January 25, 2026
Affected Unconfirmed
Data exposed Internal files exfiltrated in ransomware attack

On January 25, 2026, the Clop ransomware group added whiskijackresorts.com to its public leak site, confirming that internal files had been exfiltrated from the Canadian resort operator Whiski Jack Resorts.

Confirmed Details of the Breach

Public reporting indicates the company, which manages condominiums, townhouses, and boutique hotels in Whistler, British Columbia, was hit by a ransomware attack. The attackers extracted internal files before encrypting systems or disrupting operations. The exact number of people affected remains unknown, and the specific documents posted have not been independently catalogued in open sources. The listing appeared on the Clop leak site hosted on the dark web, with the primary record available through ransomware tracking platforms.

January 25, 2026 marks the public disclosure date on the group’s leak page. No evidence has surfaced showing that customer booking records, payment card data, or passport information were taken, yet the broad category of “internal files” means employee records, vendor contracts, or guest correspondence could be included.

Why This Matters for You and Your Family

When a hospitality company that handles reservations, loyalty accounts, and contact details is breached, your personal information can end up in the hands of criminals even if you never visited the resort. Many families book ski trips, summer adventures, or corporate events through such operators. A single reservation often contains names, addresses, phone numbers, email addresses, and sometimes dates of birth for every member of the traveling party, including children.

Once that data leaves the company’s control, it can be sold, swapped, or used to launch further attacks. You and your family become more visible to phishing campaigns, identity theft, and harassment that starts with a seemingly harmless hotel booking.

The Doxxing and Identity-Chain Risk

Leaked internal files frequently contain email addresses, usernames, or phone numbers that connect to your other online accounts. Criminals do not stop at one record. They follow the chain: an email from a resort confirmation can unlock a reused password on social media, a streaming service, or a child’s gaming account. This linkage turns a single breach into a map of your household’s digital life.

Credential leaks like this one cascade into account takeovers and doxxing chains. A gaming username tied to a parent’s email can expose a child’s real name, school schedule, or home address when combined with other stolen data. The speed and automation now used by threat actors make these connections faster than most people realize.

Clop’s Publicly Known Track Record

Public reporting attributes the Clop gang’s emergence to around 2019. The group has targeted hospitals, financial firms, manufacturing companies, and travel operators. Its typical playbook involves gaining initial access through vulnerable remote desktop services or phishing, exfiltrating large volumes of data before deploying ransomware, then publishing samples on its leak site when victims refuse to pay. Clop often sets short deadlines and follows up with threats to release more sensitive material or contact the victim’s customers directly.

What to do

  • Run a DoxxScan to map every link between your handles, emails, phone numbers, and real identity, with no-subscription cleanup handled by the service.
  • Enable continuous DoxxScan monitoring across 15.4B+ breach records and 100+ platforms so the next exposure is caught in hours rather than months.
  • Rotate any password you used on whiskijackresorts.com or related booking portals anywhere it is reused, and switch on 2FA through an authenticator app instead of text messages.
  • Cover the household with DoxxScan family protection that extends to dependents and children’s gaming accounts that often chain back to the same contact details.
  • Let remediation specialists perform hands-on takedown requests across data brokers and exposed profiles on your behalf.

The incident is a reminder that even a single resort booking can feed a larger identity trail. Staying ahead requires more than changing one password; it demands visibility into how your information travels and professional help to close the gaps. DoxxScan by GalaxyWarden delivers that visibility through continuous monitoring across 15.4 billion breach records and over 100 platforms, AI-powered identity-chain mapping, hands-on remediation by specialists, and full household coverage that includes children’s gaming accounts. Starting your DoxxScan trial today gives you and your family a practical defense against the next leak before it escalates.

Share this Post on X Reddit Email
Why this isn’t just another breach checker

A breach leaks your credentials. Then hackers chain those credentials to your address, family, phone, and employer using public broker sites. We’re the only tool built around that chain.

Free checker Tells you the breach happened. End of story. You’re still on 800+ broker sites.
$129+/yr Broker-removal services scrub the address but don’t see the breach — next leak re-exposes you.
GalaxyWarden Maps the chain. Cleans both halves. $19 one-shot. Closed loop.

⚠ Were you in this breach?

Free email scanner. We check your address against 15.4B+ leaked records in 15 seconds — then show you the $19 cleanup that removes you from the broker sites aggregating leaked data.

Check my email — free →
Close the chain attack

Both halves of the chain, cleaned once.

A breach put your credentials in 15.4B+ leaked records. Hackers chain that data to your address on 800+ broker sites. GalaxyWarden closes both halves for $19 once — no subscription required.

Clean both halves — $19 →
Free breach scan + 800+ broker letters + 30-day proof · one payment, no subscription
W Warden Plus — ongoing monitoring $9.99/mo
Warden Plus ($9.99/mo or $99/yr): weekly re-scans, breach alerts, AI Concierge, auto re-files on relisted brokers.