Reasons for the surge include the rise of ransomware as a service, easier access in the underground market, and the low cost of conducting an attack.
The hackers demanded 2 Bitcoins in payment to return control of the systems back to the hotel -- and the hotel says it had no choice but to pay.
Email addresses, passwords and IP addresses were exposed.
The attacks continued to hit organizations in Saudi Arabia earlier this week.
The country's national power company hasn't said whether it was able to link the attack to any specific group or nation state.
The hacker provided the records to LeakedSource after ESEA refused to pay the ransom.
The law went into effect on January 1, 2017.
Customers who shopped at the company's website between July 30 and October 12 of 2016 may be affected.
The hackers are alleged to have made over $4 million in illegal profits from the trades.
The hacker claimed to be accessing the system via an unpatched SQL injection vulnerability.
The company said the attack involved 'organized, highly professional hacker activities.'
In 18.3 million cases, the exposed data includes hashed passwords.
The routers were 'affected by an attack from outside,' the company said.
The data potentially accessed ranges from students' names and Social Security numbers to credit card numbers and expiration dates.
The proof-of-concept worm could jump from one smart bulb to another via ZigBee wireless connectivity.