Shangri-La Hotels & Resorts is the latest hotel firm to report a data breach of its information and technology systems, according to Singapore newspaper The Straits Times.
The newspaper reports hackers breached Shangri-La's systems in the summer of this year, which “potentially [exposed] the personal information of guests” at eight of its hotels in Chang Mai, Thailand; Hong Kong; Singapore; Taipei, Taiwan; and Tokyo.
“The investigation revealed that between May and July 2022, a sophisticated threat actor managed to bypass Shangri-La’s IT security monitoring systems undetected and illegally accessed the guest databases,” Brian Yu, Shangri-La's senior vice president of operations and process transformation, said in an email sent to loyalty members and guests.
Yu said information such as passport numbers, ID numbers, dates of birth and credit-card numbers with expiration dates are encrypted and the hotel firm is “assured there is presently no evidence that guests’ personal data has been released by third parties or misused.”
The breach comes just weeks after IHG Hotels & Resorts admitted its systems had been breached, although it, too, stated, guests’ pertinent information had not been stolen.
Elsewhere at Shangri-La, the hotel company announced Sept. 20 that its CEO, Lim Beng Chee, would retire at the end of this year. He has been CEO of the company since early 2017, and Shangri-La has begun a search for his replacement.