'Shangri-La Hack May Affect Over 290,000 HK Guests'

"); jQuery("#212 h3").html("

Related News Programmes

"); jQuery(document).ready(function() { jwplayer.key='EKOtdBrvhiKxeOU807UIF56TaHWapYjKnFiG7ipl3gw='; var playerInstance = jwplayer("jquery_jwplayer_1"); playerInstance.setup({ file: "https://newsstatic.rthk.hk/audios/mfile_1669296_1_20221001185808.mp3", skin: { url: location.href.split('/', 4).join('/') + '/jwplayer/skin/rthk/five.css', name: 'five' }, hlshtml: true, width: "100%", height: 30, wmode: 'transparent', primary: navigator.userAgent.indexOf("Trident")>-1 ? "flash" : "html5", events: { onPlay: function(event) { dcsMultiTrack('DCS.dcsuri', 'https://news.rthk.hk/rthk/en/component/k2/1669296-20221001.mp3', 'WT.ti', ' Audio at newsfeed', 'WT.cg_n', '#rthknews', 'WT.cg_s', 'Multimedia','WT.es','https://news.rthk.hk/rthk/en/component/k2/1669296-20221001.htm', 'DCS.dcsqry', '' ); } } }); }); });

2022-10-01 HKT 18:26

Share this story

facebook

  • The database breach at luxury hotel chain Shangri-La Group may involve information of over 290,000 guests in Hong Kong. File photo: RTHK

    The database breach at luxury hotel chain Shangri-La Group may involve information of over 290,000 guests in Hong Kong. File photo: RTHK

The city's privacy watchdog on Saturday said unauthorised activities online targeting Shangri-La Group might involve personal information of tens of thousands of guests in Hong Kong.

The luxury hotel chain announced on Friday that eight of its hotels in Asia, including three in Hong Kong, had been hit by a data breach, and that it first noticed suspicious activities on its IT networks in July this year.

"We immediately engaged cyber forensic experts to investigate and contain the issue. The investigation revealed that between May and July 2022, a sophisticated threat actor managed to bypass Shangri-La's IT security monitoring systems undetected, and illegally accessed the guest databases," Shangri-La Group said.

The affected hotels included the Island Shangri-La, Kerry Hotel and the Kowloon Shangri-La in Hong Kong, as well as other hotels in Singapore, Chiang Mai, Taipei, and Tokyo.

The group said the databases contained some combinations of guest names, e-mail addresses, phone numbers, and postal addresses, among other information.

"Certain data files were found to have been exfiltrated from these databases but the investigation has not been able to verify the content of these files...Personal information such as dates of birth, identity and passport numbers, and credit card details, was encrypted. There is no indication that any guest data has been misused," it said.

The hotel chain also said the incident had not impacted its operations and steps had been taken to further strengthen the security measures of its IT networks, adding that it had notified authorities and affected guests.

In response, the city's privacy watchdog said it had been notified of the incident by Shangri-La Group on Thursday evening.

The Office of the Privacy Commissioner for Personal Data said the breach might involve personal information of over 290,000 Hong Kong guests, adding that it has launched a compliance check.

It also said it was disappointed at Shangri-La Group for only formally informing the watchdog, and affected customers, more than two months after the hotel chain first became aware of the incident.

RECENT NEWS

Fraud & AML In Asia: What Banks Need To Know In 2026

Fraud and AML in Asia have shifted over the past year. Alongside the system-level attacks that continue, panellists poi... Read more

Hong Kongs Total AUM Hits Record HK$42.2 Trillion In 2025

According to the Securities and Futures Commission (SFC), Hong Kong’s total assets under management (AUM) reached a r... Read more

Hyundai Card Leverages Apple Pay To Target Gen Z Users

Hyundai Card launched six new debit and hybrid cards tailored to Apple Pay users in April. The South Korean issuer is t... Read more

DBS And Samsung Securities Partner For Global Wealth Expansion

DBS has signed a MoU with South Korea’s Samsung Securities to establish a strategic partnership in wealth management.... Read more

RedotPay Selects OpenPayd For Treasury Operations And Global Remittances

RedotPay has selected OpenPayd to enhance its treasury operations and cross-border remittance services. The company wil... Read more

JCB Rolls Out Contactless Transit Payments Across Taipei Metro

JCB has rolled out contactless payment acceptance on the Taipei Metro. The integration allows cardholders to tap physic... Read more