Indian Hotels Company Ltd (IHCL), a Tata group hospitality entity, is investigating claims of a data breach, following reports that personal details of around 1.5 million individuals may have been compromised earlier this month. IHCL, which operates various hospitality properties under brands like Taj, SeleQtions, Vivanta, and Ginger, assures that there is no indication of any current security issues.
The official cybersecurity agency, Indian Computer Emergency Response Team (CERT-In), is reportedly aware of the breach. A threat actor named 'Dnacookies' has demanded a $5,000 ransom for the full dataset, including addresses, membership IDs, mobile numbers, and other personally identifiable information (PII) from 2014 to 2020.
Tata-owned Taj Hotels group, managed by Indian Hotels Company Ltd (IHCL), is grappling with a potential data breach affecting approximately 1.5 million individuals. IHCL is actively investigating the situation, asserting that the customer data set in question is of non-sensitive nature. The company emphasizes its commitment to the safety and security of customer data, notifying relevant authorities about the breach. A threat actor named 'Dnacookies' has demanded a $5,000 ransom for the full dataset, setting conditions that include the requirement for a negotiator, no splitting of data, and no provision of additional samples.
IHCL assures that there is no indication of any current or ongoing security issues, and the company continues to monitor its systems. The breach, reported on the black hat hacking marketplace BreachForums, highlights potential vulnerabilities, prompting attention from both IHCL and cybersecurity agencies.