Golfers who arrived at the three-course Myrtle Beach National Golf Club on Monday morning were faced with a number of odd questions.
What is your check out time? How many players are there in your group? What course do you play on? Did you prepay? If you did not pay, what rate were you offered?
Normally all of this information is available by name on a departure time sheet.
But Monday was not a normal day at Myrtle Beach National. There were no names. There were no tee sheets.
Facility staff basically spoke to 380 players about their course, tee time, fare, and payment status.
“We were flying blind Monday morning. It was pretty comical, to say the least,” said Myrtle Beach National pro and general manager Ryan Ruddy.
The facility’s amenities were among more than 60 Myrtle Beach-area courses affected by a ransomware attack that left them without tee sheets online.
The courses are members of marketing and technology agency Golf Tourism Solutions which promotes the Myrtle Beach golf market, and GTS’s online tee time system, known as Omni, was hosted by the Opus Interactive web hosting provider based in Portland, Oregon.
The Opus Interactive data center fell victim to a ransomware attack at 2:30 a.m. Monday morning – all files were frozen by hackers demanding a ransom from Opus to unlock them – companies and organizations doing business with Opus have lost access to all their products stored there.
GTS restored its tee sheets online at 2 p.m. Thursday, and 62 GTS member accommodation providers and golf package providers regained access to book rounds online Friday. The public should be able to book rounds online again on Saturday.
But rounds have undoubtedly been lost due to the cyberattack, the week has been quite a challenge for the industry and Monday has been chaotic for some.
“At 6 a.m. I got a phone call from one of my route setters saying, ‘Hey, uh, we don’t have any tee sheets. . . . And I’m like, ‘Huh?’ said Ruddy, who tried to check rates and payment status on Monday where he could. “… We have nothing. We don’t know who, what time? just comical that we were asking people, “Hey, what did they quote you? It was like 100% on the honor system. We had no problems, but it’s rather funny.
Enduring the Ransomware Attack
Most classes were saved from anarchy on Monday by the long-standing practice of printing out the next day’s departure sheets at close of business for outside workers, including bag drop attendants and starters. So they had printed tee sheets.
Although some courses, like Myrtle Beach National, tend to print them at the start of business on the same day.
Anything booked on Omni tee sheets before 9 p.m. on Sunday was still retrievable, so GTS emailed daily tee sheets for the week to each golf course on Monday evening.
The Grand Strand is in the midst of the busy and lucrative spring golf season, and although the day after Mother’s Day is generally slower, courses were likely still averaging over 150 golfers each on Monday, with more gradually to course of the week.
Because rounds could only be booked by phone or walk-in, some rounds and revenue were lost this week.
“Golf courses did it the old fashioned way, working off a printed tee sheet and the phone. They did a terrific job this week working through a tough situation,” said Tracy Conner, GTS Technology Services Manager and Executive Director of the Myrtle Beach Area Golf Course Owners Association.
“I’m sure if that event hadn’t happened we would have played more rounds of golf than we did, but I can’t quantify that,” Conner said.
At the professional store Barefoot Resort, which operates three courses, two additional staff members were working Friday morning to manage the number of players leaving combined with the number of calls to book games. “We’re very busy with the phones playing catch-up,” said Barefoot Resort General Manager Dave Genevro.
Conner was alerted at 5:30 a.m. Monday that tee times were offline and access was unavailable, and learned mid-morning Monday that it was a ransomware attack. He said that Opus Interactive guarantees that no customer data has been exposed or compromised.
GTS is under contract with the software company Sagacity to manage the Omni system, including housing services, and Sagacity specialists began work on Monday to restore the original network using backup data, and have it moved to Microsoft Azure host.
“This host environment is one of the most secure environments in the world,” Conner said. “We are taking action and corrective action so that the likelihood of this happening in the future is mitigated.
“That being said, we are very proud of our entire team and what they were able to accomplish in the space of four days. I have people who probably slept six hours in four days, the amount of work they did to get us up and going that fast.