The Story
The hospitality company is a luxury hotel brand, founded in the early 1980s. The multinational company operates, franchises, and licenses lodging including hotel, residential, and timeshare properties. The company holds the record of largest hotel chain in the world by the number of available rooms. Being a trusted brand, the company has a well-developed customer base. Even after being such a large enterprise, the company wasn’t deemed safe from cyber-attacks. The breach was detected at the end of February 2020. Personal information, such as names, birthdates, and phone numbers, along with language preferences and loyalty accounts may have been compromised in the breach. An investigation was launched and the scheme was unfolded as to how it happened. Attackers were able to gain access to one of the chain hotels' third-party applications The company could have detected the breach in advance of hackers accessing clients' data by using third-party vendor monitoring and user and behavior entity analysis but failed to do so. As a result, the hotel was fined by the General Data Protection Regulation (GDPR). Moreover, the company’s stock price fell, brand value decreased and the company went into a loss. In this crisis, the management hired Research Nester to create an extensive customized research report for the company to follow and safeguard itself from any further damage.