Phone Fraudsters Target Guests at The Ritz After Data Breach

Guests at one of London’s top hotels have been targeted with convincing phone-based identity fraud attacks after a suspected data breach.

The five-star Ritz London, where deluxe rooms cost over £2000 per night, revealed on Twitter over the weekend that it suffered a security incident last Wednesday.

“We can confirm that on August 12 2020, we were aware of a potential data breach within our food and beverage reservation system, which may have compromised some of our clients’ personal data. This does not include any credit card details or payment information,” it said.

“We immediately launched an investigation to identify the cause of the breach, which is ongoing, to find out what happened, how and to prevent this from happening again. We have contacted all of our clients whose data may have been compromised and alerted the ICO of the incident.”

However, the incident response appears not to have been quick enough to prevent attackers from using stolen guest data in follow-on fraud attempts.

With restaurant booking details in hand, they posed as hotel staff and began calling up diners in order to obtain their card details, according to reports.

One victim told DigitalTrends that the incoming phone number was even spoofed to appear as if the genuine Ritz number. In other cases, victims were urged to read out one-time passcodes sent to their device in order to stop a fraudulent transaction occurring. Of course, once they had the code, the scammers were able to authentica ..

Support the originator by clicking the read the rest link below.