Cyber Incident Victim: Scenic Group
Date:
Feb 2022
Location:
Australia
Summary
A cybersecurity incident involving unauthorized access to IT systems prompted Scenic Group to temporarily shut down its online reservation platforms and websites, requiring bookings and customer inquiries to be handled via phone or email. The company, headquartered in Australia where the breach originated, engaged cybersecurity and forensic experts to investigate but indicated no evidence of compromised guest, staff, or personal data. Operations across its brands—including Scenic Luxury Cruises & Tours, Emerald Cruises, and Evergreen Tours—remained disrupted with no specified timeline for restoring digital services.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On February 21, 2022, Scenic Group experienced a security breach involving unauthorized access to its IT systems, prompting the immediate shutdown of its online reservation system and corporate websites. The Australia-headquartered company disclosed the incident publicly on February 20, though the precise timeline between breach detection and public notification remains unspecified. Scenic engaged a cybersecurity firm and forensic experts to investigate the compromise, declining to characterize the breach type due to the active investigation while confirming the intrusion originated from within Australia. The company asserted no evidence indicated compromise of guest, staff, or other personal data during the incident. Operational impacts included the sustained unavailability of all Scenic Group websites and reservation platforms, forcing travel advisors and customers to process bookings exclusively via telephone or email through Scenic Luxury Cruises & Tours or Emerald Cruises channels. No restoration timeline was provided for the digital infrastructure, leaving the duration of disruption undefined at the time of reporting.
The incident directly affected Scenic Group's three primary brands—Scenic Luxury Cruises & Tours, Emerald Cruises, and Evergreen Tours—with all entities relying on the same disabled reservation architecture. Customers and travel partners were instructed to address new bookings, existing reservations, customer service inquiries, and billing matters through alternative communication channels during the outage. The company maintained this operational workaround as its sole publicized response measure alongside the forensic investigation, without detailing specific containment actions taken beyond system deactivation. Business continuity implications extended to reduced booking capacity and customer service delays inherent in manual processing systems. Scenic Group's statement emphasized the breach investigation's ongoing status while withholding technical details regarding attack vectors, intrusion duration, or potential data access beyond the confirmed absence of personal information compromise.