Radisson hotel group hit by data breach

The Radisson Group has divulged that a recent cyber-attack has exposed personal details of members of the company’s loyalty programme.

The popular hotel chain admitted that suspicious activity was detected on the October 1st, some weeks after the security hack took place on September 11th. It took until the start of November for Radisson Reward card holders to be notified of the incident.

According to the Group, exposed details included members’ names; emails and physical addresses; some company names; some phone numbers; Radisson Reward member numbers, and frequent flyer numbers.

The Radisson Group stated:

“This data security incident did not compromise any credit card or password information.

“Our ongoing investigation has determined that the information accessed was restricted to member name, address (including country of residence), email address, and in some cases, company name, phone number, Radisson Rewards member number and any frequent flier numbers on file.”

The Group said that accounts were shut down as soon as malicious activity was detected. A “small percentage” of loyalty account holders were impacted by the breach, but no further details were provided.

“All impacted members accounts have been secured, and flagged to monitor or any potential unauthorised behaviour. While the ongoing risk to your Radisson Rewards account is low, please monitor your account for any suspicious activity,” the chain said.

Radisson underlined how the breach should remind loyalty card holders to remain alive to the potential of phishing scams whereby apparently official messages ask for users to divulge their personal details.

The hotel chain reiterated its commitment to data security and said that investigations are underway looking into the hack and to help develop existing data security infrastructures to help minimise the chances of a similar breach in future.

European Data Protection Summit will take place on June 3rd in Central London and will play host to 800 DPO’s, Security Professionals and senior business decision makers looking for; information, updates, clarity, advice and solutions. For more information, visit the website.

We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.