India-based Taj Hotels has suffered a data breach that might have compromised the sensitive personal information of approximately 1.5 million guests, the Economic Times reported.
Tata Group’s The Indian Hotels Company (IHCL), which runs the Taj Hotels, is probing the incident.
An IHCL spokesperson said: “We have been made aware of someone claiming possession of a limited customer data set of a non-sensitive nature. The safety and security of customers’ data is of paramount importance.
“We are investigating this claim and have notified authorities. We continue to monitor our systems and there is no suggestion of any current or ongoing security issue or impact on business operations.”
The criminal, identifying as ‘Dnacookies’, is asking $5,000 for the entire dataset, which includes mobile numbers, addresses, membership IDs, and other personally identifiable information (PII) of the guests.
The company’s spokesperson underlined that there are no signs of any current or recurring security problems or interruptions to commercial operations.
How well do you really know your competitors?
Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.
Thank you!
Your download email will arrive shortly
Not ready to buy yet? Download a free sample
We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form
By GlobalDataIHCL is implementing measures to safeguard the security of customer data, the company said.
Taj Hotels currently operates 90 hotels with 13,712 rooms across 55 locations, including cities such as London, Dubai, Mumbai, Goa, and more.
Last month, Caesars Entertainment in the US suffered a large-scale data breach, in which a group called Scattered Spider infiltrated the company’s IT vendor through social engineering.
The cybercriminal group accessed and downloaded Caesars’s loyalty programme database, containing PII of more than 65 million members.
Following this breach, the group demanded a $30m ransom, with Caesars paying half of the amount.
Additionally, hotel operator Motel One Group fell victim to a hacker attack the same month.
The hacker targeted the company’s internal systems, accessing customer data, including the details of 150 credit cards.