Harbour Plaza Hotel data breach sees 1.2m customer data leaked

 Customers of Harbour Plaza Hotel are asked to be on guard for possible scams as its booking database saw an attack compromising data of more than a million customers. Privacy Commissioner Ada Chung said she's probing the data leak involving 1.2 million customers, and is investigating the type of personal data involved in the breach, say media reports.

Customers of the hotel are asked to check for unauthorised transactions, unusual email logins and even told to change their passwords.

The incident comes shortly after HKTVmall faced a breach as well. In a statement, HKTVmall said information of a total of 4.38 million registered customers was accessed. Customer information involved in the incident may include registered names of customers' accounts, encrypted and masked login passwords, registered and contact email addresses. Other information that may be accessed by unauthorised people included recipient names, delivery addresses and the phone numbers of those orders made by customers who placed purchase orders between December 2014 to September 2018.

Meanwhile, according to the report, in 2021, HKCERT handled 7,725 security incidents. There were 3,737 phishing cases last year, representing 48% of the total number of incidents and up 7% from 2020. Such incidents rose for the fourth consecutive year and reached a new height.

The rise in data breaches has been prevalent in recent years. Considering that phishing attacks are often conducted with the purpose of stealing user data and gaining access to accounts, such statistics lend credibility to the observation that we are seeing more data breaches happening in recent years,” said Yeo Siang Tiong, general manager for Southeast Asia at Kaspersky.

Moreover, the rise of eCommerce nowadays means there is a “wealth of customer data” available online for cybercriminals to harvest.

Kerry Singleton, managing director, cybersecurity, Asia Pacific, Japan and China, at Cisco also previously told MARKETING-INTERACTIVE that today no businesses are spared from being a potential target. “Any company that requires an internet or VPN connection and involves customer information has a chance of falling prey to a data breach,” he said.

Photo courtesy: 123RF