Radisson hotel group hit by data breach

The Radisson Group has divulged that a recent cyber-attack has exposed personal details of members of the company’s loyalty programme.

The popular hotel chain admitted that suspicious activity was detected on the October 1st, some weeks after the security hack took place on September 11th. It took until the start of November for Radisson Reward card holders to be notified of the incident.

According to the Group, exposed details included members’ names; emails and physical addresses; some company names; some phone numbers; Radisson Reward member numbers, and frequent flyer numbers.

The Radisson Group stated:

“This data security incident did not compromise any credit card or password information.

“Our ongoing investigation has determined that the information accessed was restricted to member name, address (including country of residence), email address, and in some cases, company name, phone number, Radisson Rewards member number and any frequent flier numbers on file.”

The Group said that accounts were shut down as soon as malicious activity was detected. A “small percentage” of loyalty account holders were impacted by the breach, but no further details were provided.

“All impacted members accounts have been secured, and flagged to monitor or any potential unauthorised behaviour. While the ongoing risk to your Radisson Rewards account is low, please monitor your account for any suspicious activity,” the chain said.

Radisson underlined how the breach should remind loyalty card holders to remain alive to the potential of phishing scams whereby apparently official messages ask for users to divulge their personal details.

The hotel chain reiterated its commitment to data security and said that investigations are underway looking into the hack and to help develop existing data security infrastructures to help minimise the chances of a similar breach in future.

The inaugural Data Protection World Forum (DPWF) will be held on November 20th & 21st 2018 at the ExCeL London which will provide a broader focus across the data protection and privacy space amidst the progressive tightening of global data protection laws.

Ahead of the end of year event, DPWF has launched a series of intensive workshops.

Further information on the DPWF and workshop details are available at: https://www.dataprotectionworldforum.com/