Luxury hotel chain hacked


A DATABASE breach has occurred at luxury hotel chain Shangri-La Group, potentially exposing the personal information of guests who had stayed at its hotels in Singapore, Hong Kong, Chiang Mai, Taipei and Tokyo.

In an email informing affected guests on Friday, the group’s senior vice-president for operations and process transformation, Brian Yu, said: “A sophisticated threat actor managed to bypass Shangri-La’s IT security monitoring systems undetected and illegally accessed the guest databases.”

Its investigation revealed that the breach took place between May and July 2022.

It was around that time that Asia’s top security summit Shangri-La Dialogue returned to Singapore after a two-year pandemic hiatus.

The event was held at the eponymous Shangri-La hotel along Orange Grove Road near Orchard Road from June 10 to 12.

Yu confirmed that certain data files had been stolen from the breached databases.

“Although we were not able to confirm the content of the exfiltrated data files, it is likely that they contained guest data,” he added.

Asked whether the Shangri-La Dialogue was specifically targeted, a hotel spokesperson said: “There is no evidence to suggest any specific hotel or event was singled out. As a matter of policy, we do not disclose information about our guests.”

The affected hotels are the Island Shangri-La, Kerry Hotel and Kowloon Shangri-La in Hong Kong, Singapore’s Shangri-La Apartments and Shangri-La Singapore, Shangri-La Chiang Mai, Shangri-La Far Eastern in Taipei and Shangri-La Tokyo.

The Cyber Security Agency of Singapore said it is aware of the incident, and urged organisations to proactively monitor and check their IT networks regularly for signs of suspicious activity.

The hotel group assured guests that there is currently no evidence that guests’ personal data has been released by third parties or misused.

“We deeply regret this has occurred and wish to assure you that all necessary steps have been taken to investigate and contain this incident,” wrote Yu in the email. — The Straits Times/ANN

Article type: free
User access status:
Subscribe now to our Premium Plan for an ad-free and unlimited reading experience!

hotel , Shangri-La Group , database , breach

   

Next In Aseanplus News

Asean news headlines as at 9pm on Wednesday (Dec 7)
GE15: BN candidate Johari retains Tioman state seat
South Korea may lift indoor mask mandate in January
Bomb dropped on Myanmar monastery using drone
World Bank says Cambodia's economy recovering well in post-pandemic era
59 couples exchange marital vows in Philippine mass wedding
New global platform to enhance transparency of carbon markets rolled out in S’pore
Cambodian justice ministry responds to social media outrage in drunken driver case
Vietnam shifts gears on arms trade as it loosens ties with Russia
‘Laos will not slide into default’, PM assures National Assembly

Others Also Read