2024.07.16
【Final Report】Regarding Delivery of Unauthorized Messages Via Expedia Messages and Possible Leakage of Customers’ Personal Information
We discovered that there is an undeniable possibility that customers’ personal information in Expedia’s system may have been accessed.
We sincerely apologize for any inconvenience this may have caused our customers.
1. Background/Details
Our company’s management account within the Expedia management system, which is used by ONSEN RYOKAN YUEN SHINJUKU, was illegally used by a person harboring malicious intent on 10th Apr 2024 from 2:00am to 2:42, and it is highly possible that this person accessed our customers’ personal information. In addition, we have confirmed that, at the same time, this person sent messages containing a link to a phishing website to some of our customers.
2. Individuals who may have had their personal information viewed:
Customers (bookers, guests, and companions) who made reservations at our hotel through Expedia by 10 Apr 2024, with stay dates from 1 July 2022 to 30 Sep 2024.
3. Customers’ Personal Information that may have been Accessed
・Names (bookers, guests, and companions)
・Phone numbers
・Expedia message dedicated email address *Note 1
・Countries *Note 2
・Contents exchanged via Expedia’s message platform *Note 3
・Reservation details (Reservation No, Reservation date, Check-in date, Check-out date, Amount)
*Note 1: This is the email address automatically assigned by Expedia when making a reservation through Expedia and Expedia Group. It is not the customer’s own email address registered with Expedia.
*Note 2: Expedia obtains this information to determine the country from which the reservation is made.
*Note 3: This only relates to the exchanged messages for the reservations of the customers specified above Note 1.
*Expedia confirmed they have no evidence that the bad actors attempted to harvest PCI information.
4. Regarding unauthorized messages to some of our customers containing a link to a phishing website.
Regarding the messages with a URL link leading to a phishing site that were sent to some customers via the message function in the management system, we sent an alert message when the incident occurred on 10th Apr 2024.
To date, we have not received any specific reports of damage from this incident.
5. Measures to Prevent a Recurrence.
After consulting with Expedia, we took the necessary security measures (re-creation of accounts for the Expedia management system, changing passwords, etc.). In addition, based on the results of the investigation by an outside investigation company, we have strengthened security tools in the Expedia management system and trained our employees. We will continue our efforts to further enhance our security measures.
For inquiries related to this incident, please contact us via email.
Email: info-shinjuku@ryokan-yuen.jp
ONSEN RYOKAN YUEN SHINJUKU
General Manager