The hotel chain said only “a small percentage” of members had been impacted and the incident “did not compromise any credit card or password information”.
The breach was identified on October 1, although it is unclear when the incident occurred.
An investigation carried out determined that information accessed amounted to member’s names, address (including country of residence) and email address.
Although in some other cases, company names, phone numbers, Radisson Rewards member numbers and any frequent flyer numbers on file were also accessed.
“Upon identifying this issue Radisson Rewards immediately revoked access to the unauthorised person(s),” the company said in a statement.
Affected member accounts have since been secured and flagged to monitor for any potential “unauthorised behaviour”.
Radisson said targeted members would have received an email notification from Radisson Rewards either on October 30 or October 31.
“While the ongoing risk to your Radisson Rewards account is low, please monitor your account for any suspicious activity,” the company added, going on to warn members of potential phishing scams that may be attempted through the use of links to fake websites.
“Radisson Rewards will not ask for your password or user information to be provided in an email," it said.
“Radisson Rewards takes this incident very seriously and is conducting an ongoing extensive investigation into the incident to help prevent data privacy incidents from happening again in the future."
