Breach Brief – HSBC Bank, Radisson Hotel Group

Breach Brief – HSBC Bank, Radisson Hotel Group

U.S. customer of HSBC bank are being alerted to a data breach that compromised customer information. The bank has reported no signs of fraud. Based in London, U.K., HSBC says only U.S. customers are affected.

According to HSBC the breach ran from Oct. 4 to Oct. 14. The bank said in a statement that it “suspended online access to prevent further unauthorized entry” to affected accounts. Although the bank has over one million U.S. customers only about 14,000 are believed affected by the breach.

Some of data breach victims live in California. As a result HSBC filed general notice of the data breach with the California State Office of the Attorney General and notified state residents as required. HSBC has declined further comments on its data breach investigation.

 

Radisson Hotel Group (RHG) has suffered a data breach resulting in the theft of data from its Radisson Rewards global loyalty program. According to Radisson the breach occurred between September 1st and was uncovered on October 1st. RHG is one of the largest hotel chains in the world, operating 1,400 hotels in over 70 countries. Radisson has said it emailed data breach notifications to all affected customers.  

According to Radisson, “The data security incident impacted less than 10 percent of Radisson Rewards member accounts and did not compromise any credit card or password information.” The hotel chain has not reported the number of customers affected or where these customer are located.  Customer geographic location has become important because of the controls placed on privacy by the European Union’s General Data Protection Regulation (GDPR). GDPR requires organizations that suffer a serious breach involving Europeans report the breach to relevant authorities within 72 hours of becoming aware of it or face stiff financial penalties. 

According to Radisson the following information was compromised;

  • Member name
  • Address, including country of residence
  • Email address
  • Company name 
  • Phone number 
  • Radisson Rewards member number 
  • Any frequent flyer numbers on file 

RHG says it’s been monitoring affected accounts for indications of suspicious activity. “Upon identifying this issue, Radisson Rewards immediately revoked access to the unauthorized person(s). All impacted member accounts have been secured and flagged to monitor for any potential unauthorized behavior.”