Virgin Hotels breach exposes thousands


Attackers have penetrated Virgin Hotels North America’s systems, obtaining sensitive personal details such as Social Security numbers (SSNs).

Virgin Hotels has reached out to impacted individuals regarding the cyberattack. According to the company, malicious actors penetrated its systems in late August 2023.

“Steps were taken to address the incident, and a cybersecurity firm was engaged to conduct an investigation. The investigation identified unauthorized access to files on storage servers,” the company’s breach notification letter reads.

ADVERTISEMENT

The notification doesn’t specify whether the impacted people are the company’s clients or employees or whether the cyberattack affected a specific location or all Virgin Hotels in North America. We contacted Virgin Hotels for clarification but did not receive a reply before publishing.

According to Virgin Hotels, an investigation revealed that the files attackers may have accessed contained individuals’ names and SSNs. The breach notification that the company submitted to the Maine Attorney General shows that over 4,000 people were impacted by the breach.

Losing SSNs poses significant risks, as impersonators can use the stolen data in tandem with names and other details for identity theft.

The company said it will provide affected individuals with complementary identity protection and credit monitoring services.

In North America, Virgin Hotels operates “luxury lifestyle” establishments in Chicago, Dallas, Las Vegas, Nashville, New Orleans, and New York. The chain is owned by Virgin Group, a multinational venture capital conglomerate established by Richard Branson.

ADVERTISEMENT