BEIJING, China–China’s growing consumer class is also learning about a growing problem in the U.S.: their data can be breached.
Police in the country said they are investigating the apparent loss of data on approximately 130 million customers of Huazhu Hotels Group. The data exposure may trace to a Huazhu production database for which access credentials were accidentally uploaded to GitHub, the web-based code sharing and development platform, according to authorities.
Huazhu operates more than 3,000 hotels under 13 brand names - including Joya Hotel, Manxin Hotels & Resorts and Novotel - across more than 350 cities in China. Since 2014, Huazhu has also operated hotels under the French hotel group AccorHotel's brand names, including Mercure, Sobitel and Ibis.
Police Issue Statement
"Those who commit illegal acts including theft, trading and exchange of residents' personal data will be heavily punished," the Shanghai police said in a statement. "We are resolute in protecting people's interest and ensuring information security."
The company issued a statement that after learning its customer data was for sale online, it "immediately implemented an internal audit to guarantee the safety of our guests' information," and further said it has also brought in third-party digital forensic investigation experts "to verify whether the 'relevant personal information' being sold online.”