Radisson Hotel Group has experienced a data breach which has impacted the members of its loyalty and rewards program. On October 1, the company came to know that systems handling its Radisson Rewards program were breached and their personal information may have been stolen due to the breach.
Radisson Hotel Group which was earlier known as Carlson Rezidor Hotel Group, is one of the world’s largest hotel groups, with over 1,400 hotels in 114 countries. Its portfolio includes Radisson Collection, Radisson Blu, Radisson, Radisson RED, Park Plaza, Park Inn by Radisson, Country Inn & Suites by Radisson, and prizeotel hotels.
The company believes that the attackers may have accesed names, addresses, email addresses, company names, phone numbers, Radisson Rewards member numbers, and frequent flyer numbers. The investigation is still going but so far, no evidence has been found about payment card information, passwords, or travel history being accessed.
The affected accounts have been identified and are being watched for any suspicious activity. All the impacted persons will be contacted via email. Radisson has instructed their customers to be alert for any phishing emails that may be launched in the upcoming period as a result of this incident.
Since the hotel chain is headquartered in Brussels, Belgium it falls under the European General Data Protection Regulation (GDPR). GDPR requires companies which are affected by data breach must report the incident within 72 hours of an organization becoming made aware of it. If the regulators on investigation find any security wanting, then the organizations can be fined up to 10 million euros or four percent of the company’s annual global turnover, whichever is higher.