How a Hospitality Company Regained Its Footing in the Market by Incorporating Network Security Measures

A hospitality company faced a significant data breach and stealing of guest information due to a compromising third-party app. The company was in the business for more than 3 decades with a trustworthy reputation in the market. However, a major data breach affected almost 338 million hotel guests. The company paid a fine as it was unable to comply with the General Data Protection Regulation (GDPR) requirements. The organization faced defamation due to the incident which resulted in lower stock prices. To develop strategies for the integration of security into its networks, the management authorities turned to Research Nester’s customized research consulting services.


An overview:


The hospitality company is part of an international chain, consisting of award-winning properties and beautiful resorts across the globe.


The company comprises over 100 hotels in more than 35 countries and territories around the world.


Being a trusted organization, the enterprise had a huge customer base.


The data breach incident came into the limelight after guest information and details were found hacked into by a third-party application that the company was using to provide guest services.


Passport details, phone numbers, gender, birthday, loyalty account information, and personal preferences were among the data entered in these records.


The company since faced harsh repercussions, and the firm had to pay a fine of ~USD 20 million to the General Data Protection Regulation (GDPR).


Furthermore, the company experienced a loss of its customers and eventually the venture went into a major loss.


In this dire situation, the company’s management sought out Research Nester’s aid to develop a network safety strategy that is designed to protect the company’s database from security threats.


The Story

The hospitality company is a luxury hotel brand, founded in the early 1980s. The multinational company operates, franchises, and licenses lodging including hotel, residential, and timeshare properties. The company holds the record of largest hotel chain in the world by the number of available rooms. Being a trusted brand, the company has a well-developed customer base. Even after being such a large enterprise, the company wasn’t deemed safe from cyber-attacks. The breach was detected at the end of February 2020. Personal information, such as names, birthdates, and phone numbers, along with language preferences and loyalty accounts may have been compromised in the breach. An investigation was launched and the scheme was unfolded as to how it happened. Attackers were able to gain access to one of the chain hotels' third-party applications The company could have detected the breach in advance of hackers accessing clients' data by using third-party vendor monitoring and user and behavior entity analysis but failed to do so. As a result, the hotel was fined by the General Data Protection Regulation (GDPR). Moreover, the company’s stock price fell, brand value decreased and the company went into a loss. In this crisis, the management hired Research Nester to create an extensive customized research report for the company to follow and safeguard itself from any further damage.

The Solution:

Assessing the current situation and keeping in with the latest trends in the global cyber security market, Research Nester Analysts suggested the following measures:

  • Build a security-centric culture at the top level: A disciplined approach should be taken while protecting customer data. the outlook should be top-down instead of bottom-up, with responsibility resting with the CEO and board.
  • Staying ahead of the security curve -the company should be proactive, constantly reviewing new developments to stay ahead of hackers.
  • To recognize that customer data protection is not cost-centric; it's revenue centric; as it helps to build trust within your customer base to generate more revenue.
  • Ensure the security of customer data by investing whatever it takes. stay within your financial metrics, but don’t cap the budget, because capping it means compromising.


The company’s revenue was dwindling and with net revenue at ~USD 11 billion in 2020. The company's reputation and reliability were damaged after the data theft incident which led to financial loss. After revamping its network security analytics as suggested by RNPL analysts, the company regained its stability, in 2021 the company’s net revenue was at ~USD 14 billion.

Contact Us

Swara Keni

Head- Global Business Development

Let Us Hear About Your Requirements:
Connect With Our Consultant