Shangri-La Group issued an announcement on its official website on Sept. 30, stating that its 8 hotels were found to have been hacked by professional cyber attackers, bypassing the group’s security monitoring system, and after investigation, it was found that the contact information of some guests was leaked. The group apologized to the affected customers and emphasized that the incident did not affect the general operation of the hotel. The Office of the Privacy Commissioner for Personal Data, Hong Kong (PCPD) said on Oct. 1 that the personal data of more than 290,000 Hong Kong customers may have been affected and a compliance check has been launched.
Brian Yu, Senior Vice President, Operations & Process Transformation of Shangri-La Hotels and Resorts, issued a notice to the members of the hotel group on Oct. 1, saying that after unauthorized activities were discovered in the hotel’s IT network, a network security expert has been appointed immediately to investigate the anomaly.
