Radisson Hotel Group Hit by Data Breach
3.11.2018 securityweek Incindent

Radisson Hotel Group this week informed members of its rewards program that their personal information may have been stolen as a result of a breach.

Radisson Hotel Group, formerly known as Carlson Rezidor Hotel Group, is one of the world’s largest hotel groups, with more than 1,400 hotels in 114 countries. Its portfolio includes Radisson Collection, Radisson Blu, Radisson, Radisson RED, Park Plaza, Park Inn by Radisson, Country Inn & Suites by Radisson, and prizeotel hotels.

On October 1, the company discovered that systems handling its Radisson Rewards program were breached and the data of a “small percentage” of members may have been compromised.

While Radisson’s investigation is ongoing, to date it has found no evidence that payment card information, passwords, or travel history have been accessed. The attackers may have obtained names, addresses, email addresses and, in some cases, company names, phone numbers, Radisson Rewards member numbers, and frequent flyer numbers.

Impacted accounts have been identified and are being monitored for any suspicious activity, the firm said.

Affected individuals will be contacted via email, but Radisson has advised customers to be on the lookout for phishing emails that may be launched in the upcoming period as a result of this incident.

“While the ongoing risk to your Radisson Rewards account is low, please monitor your account for any suspicious activity,” Radisson said in a notice posted on its rewards website.

Several major hotel chains suffered data breaches in the past few years. The list includes Hyatt, InterContinental, Huazhu, Hard Rock Hotel & Casino Las Vegas, Trump Hotels, Millennium Hotels & Resorts and Omni Hotels.