Shangri-La Group's system was hacked, and the personal information of eight hotel customers was leaked
(Morning Post) Hackers invaded the database of the luxury hotel Shangri-La Group, resulting in a customer data breach at eight of the group's hotels at home and abroad. The Singapore Personal Data Protection Commission is investigating the incident.
Shangri-La Group Senior Vice President of Operations and Process Optimization Yu Haojie has been sending emails since Friday (September 30) to inform customers that professional cyber attackers bypassed the group's cyber security monitoring system from May to July this year and illegally entered the customer databases of eight of its hotels, resulting in the leakage of some customers' personal data.
British International Strategic Studies hosted the 19th Shangri-La Dialogue in Shangri-La from June 10 to 12. However, a group spokesperson pointed out that there was no evidence that the hackers targeted a hotel or event.
Affected hotels are: Shangri-La Residences Singapore Shangri-La Hong Kong Island Shangri-La Hong Kong Kerry Hotel Hong Kong Kowloon Shangri-La Thailand Chiang Mai Shangri-La Taipei Far East Shangri-La Tokyo Shangri-La
Yu Haojie said that the content of the leaked data, which may include customer names, emails, phone numbers, home addresses, Shangri-La membership numbers, booking dates and company names, could not be confirmed at this time. However, he assured customers that information such as customer passport numbers, ID numbers, dates of birth, credit card numbers and expiration dates are encrypted and protected.
So far, there is no evidence that any customer's personal information has been disclosed or misused, but the Group will provide affected customers with a free one-year personal information monitoring service to monitor whether personal information appears on the Internet, social media and public databases. Affected customers have until December 31 to decide whether to use the personal information monitoring service provided by the Group.