Radisson Hotel Group, an international hospitality chain, disclosed Thursday that it suffered an incident in which some customer information was exposed.
The compromised information includes basic name, residence, email address for all impacted customers. In some cases, it also includes company names, phone numbers, rewards numbers and frequent flier numbers.
The company stressed that the breach did not involve credit card information or passwords.
Customers who’ve stayed at Radisson hotels but aren’t rewards members are not affected, the company said.
Radisson warns in its disclosure that hackers might try to use some of this information to conduct phishing attempts “including through the use of links to fake websites,” and try to deceive customers into sending passwords or other information.
The hotel company did not describe the nature of the “data security incident” or say how many people were impacted, but said it was a “small percentage” of rewards customers. It’s also not clear when Radisson discovered the security issue.
“Radisson Rewards takes this incident very seriously and is conducting an ongoing extensive investigation into the incident to help prevent data privacy incidents from happening again in the future,” the company said.
The company said impacted customers would have been notified by email between Oct. 30 and 31, and that their accounts have been “secured and flagged to monitor for any potential unauthorized behavior.”