Cyber Incident Victim: Saffire Freycinet
Date:
Nov 2018
Location:
Australia
Summary
A data breach impacted two luxury hotels in Tasmania, potentially exposing guest names, email and physical addresses, and telephone numbers through unauthorized access to a third-party email distribution service. The operator confirmed the incident led to some past guests receiving suspicious spam emails, prompting advisories to delete such communications without opening them. While the affected system was secured and an internal investigation initiated, the company declined to disclose whether law enforcement was involved or specify the number of individuals affected by the compromise.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On November 2, 2018, Federal Group, owner of Tasmania’s luxury Saffire Freycinet resort and Hobart’s Henry Jones Art Hotel, notified past guests of a data breach involving unauthorized third-party access to a third-party email distribution service. The breach exposed guest names, email addresses, physical addresses, and telephone numbers. Federal Group confirmed the incident after some past guests received unusual spam-type emails, indicating the compromised data may have been exploited. The company stated the affected system was secured following the discovery, though it did not disclose when the unauthorized access occurred or how it was detected. Federal Group advised guests who received emails from either property on that date to delete them without opening, warning of potential phishing attempts or fraudulent communications impersonating the resorts. The breach did not directly impact the hotels’ internal reservation or operational systems but specifically involved the external email service used for guest communications.
Federal Group initiated an internal investigation into the incident but declined to confirm whether law enforcement agencies were notified. The company refused to disclose the number of affected guests or the timeframe during which data was vulnerable to access. In its public statement, Federal Group provided general security recommendations to guests, including vigilance against phishing attempts, avoidance of unknown email attachments, regular password updates—particularly for reused passwords—and adoption of multi-factor authentication. It further advised installing updated anti-virus software and applying operating system patches. The company emphasized these measures as proactive steps guests could take but did not offer specific remediation such as credit monitoring or identity theft protection services. The incident highlighted risks associated with third-party service providers, though Federal Group did not name the email distribution vendor or describe the nature of the unauthorized access. No additional compromises or follow-on attacks were publicly reported in connection with the breach as of the notification date.