Data breach at Shangri-La hotels occured during Asia’s top security summit, guests’ data potentially leaked #Data #breach #ShangriLa #hotels #occured #Asias #top #security #summit #guests #data #potentially #leaked
SINGAPORE – A database breach has occured at luxury hotel chain Shangri-La Group, potentially exposing the personal information of guests who had stayed at its hotels in Singapore, Hong Kong, Chiang Mai, Taipei and Tokyo.
In an email informing affected guests, the group’s senior vice president for operations and process transformation Brian Yu, said: “A sophisticated threat actor managed to bypass Shangri-La’s IT security monitoring systems undetected, and illegally accessed the guest databases.”
Its investigation revealed that the breach took place between May and July 2022.
It was around that time that Asia’s top security summit Shangri-La Dialogue returned to Singapore after a two-year pandemic hiatus. The event was held at the eponymous Shangri-La hotel in downtown Orchard Road from June 10-12.
In the email, Mr Yu confirmed that certain data files had been exfiltrated from the breached databases.
” Although we were not able to confirm the content of the exfiltrated data files, it is likely that they contained guest data,” he added.
The following properties are affected:
• Shangri-La Apartments, Singapore
• Shangri-La Singapore
• Island Shangri-La, Hong Kong
• Kerry Hotel, Hong Kong
• Kowloon Shangri-La, Hong Kong
• Shangri-La Chiang Mai
• Shangri-La Far Eastern, Taipei
• Shangri-La Tokyo