Security Affairs
Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Hidden Web Prompts Trick AI Agents Into Sending Money|Seven Bugs in FatFs Put IoT and Embedded Devices at Risk|Bad Epoll Flaw Gives Attackers Root Access on Linux and Android|Medtronic Notifies 3.8 Million After ShinyHunters Data Breach|SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 104|Security Affairs newsletter Round 584 by Pierluigi Paganini – INTERNATIONAL EDITION|U.S. Government Agency Paid $1M to Data Extortion Group Kairos|FBI: TeamPCP Compromised Dev Tools to Steal Cloud Credentials|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Luxury hotel chain Shangri-La suffered a security breach

The Shangri-La hotel group disclosed a data breach, a database containing the personal information of its customers was compromised. The Shangri-La hotel group disclosed a data breach, threat actors had access to a database containing the personal information of customers at eight of its Asian properties between May and July. The incident impacted hotels in […]

Shangri-La

The Shangri-La hotel group disclosed a data breach, a database containing the personal information of its customers was compromised.

The Shangri-La hotel group disclosed a data breach, threat actors had access to a database containing the personal information of customers at eight of its Asian properties between May and July.

The incident impacted hotels in Hong Kong, Singapore, Chiang Mai, Taipei and Tokio, the company launched an investigation to determine what data had been stolen by the attackers. The company notified authorities and potentially impacted guests.

A statement published on September 30 by the hotel chain on its website revealed that the company has “recently discovered unauthorised activities” on its IT infrastructure.

A “sophisticated threat actor managed to bypass Shangri-La’s IT security monitoring systems undetected, and illegally accessed the guest databases”, reads the statement.

“Certain data files were found to have been exfiltrated from these databases but the investigation has not been able to verify the content of these files,” continues the statement. “The databases contained guests’ contact information but personal information such as dates of birth, identity and passport numbers, and credit card details, was encrypted.”

Shangri-La

Experts pointed out that the Shangri-La hotel in Singapore hosted Asia’s top security summit between June 10 and 12 in the same period the hack took place.

Asked whether the Shangri-La Dialogue was the target of the hackers, a hotel spokesman told Singapore’s Straits Times newspaper there is no evidence to support this hypothesis.

“There is no evidence to suggest any specific hotel or event was singled out. As a matter of policy, we do not disclose information about our guests.”  said the spokesman.

“Data related to the Shangri-La Dialogue was stored on a separate secure server and was not affected in this incident,”

“Data related to the Shangri-La Dialogue was stored on a separate secure server and was not affected in this incident.”  said a spokesman at the event organiser, the International Institute for Strategic Studies (IISS).

The hotel chain states that it is not aware of any abuse of stolen guest data.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Shangri-La hotel)

[adrotate banner=”5″]

[adrotate banner=”13″]