The Radisson Hotel Group joins the ranks of globally-recognized brands to be on the receiving end of a successful hack. According to the company, a small percentage of their loyalty club members had their personal information accessed by an unauthorized and as yet unknown third party. No credit or debit card information was stolen according to the company.
The data breached was limited to:
- Customer name
- Customer address
- Email address
- Company name (in some cases)
- Phone numbers associated with the account
- The user’s Loyalty Club member number
Although this breach impacted a relatively small number of users, all of them are high net worth individuals. This at least hints at the hacker’s motivations. Massive data breaches seek to expose millions of user accounts so they can be sold in bulk on the Dark Web. A more targeted attack like this one, however, is clearly designed to target influential individuals with deep and widespread connections. Potentially, the damage caused by targeting such individuals could be much more far-reaching.
The Radisson Group responded quickly. First, they revoked the access of the unauthorized individual as soon as it was detected. Second, they flagged and monitored all user accounts impacted by the breach. The company is taking an active role in monitoring impacted accounts for the foreseeable future. Individuals who had their personal information compromised have been notified.
If you’re a member of the Radisson Rewards Club and haven’t yet received a notification, then there’s nothing to be done or to worry about. If you have received a notification, simply follow the instructions you received and you’re all set.
While unfortunate, Radisson’s handling of the incident has been exemplary, and serves as an excellent case study for other companies on how to respond to events like these.
A data breach is a possibility for all businesses – no matter how big or small. Contact us to get on one of our managed security service plans.