Tata group hospitality firm Indian Hotels Company Ltd on Thursday said it is investigating claims of a data breach, but asserted there is no suggestion of any current or ongoing security issue.
According to a media report, there has been a personal data breach of 15 lakh users from the Taj Hotel database, which is available on the dark web for purchase at $5,000.
"We have been made aware of someone claiming possession of a limited customer data set which is of non-sensitive nature," Indian Hotels Company Ltd (IHCL) spokesperson said in a statement.
Asserting that safety and security of customers' data is of paramount importance to the company, the spokesperson said, "We are investigating this claim and have notified the relevant authorities."
The spokesperson further said, "We continue to monitor our systems and there is no suggestion of any current or ongoing security issue or impact on business operations."
IHCL runs a number of hospitality properties under the Taj, SeleQtions, Vivanta, and Ginger, among others.
As per the report, an unidentified individual named 'Dnacookies' is offering the entire dataset containing membership IDs, addresses, phone numbers, and other personally identifiable information for USD 5,000.
The customer data is from 2014 to 2020.
It added that cybersecurity watchdog and the Indian Computer Emergency Response Team (CERT-In) is aware of the breach.