We sincerely apologize for the great inconvenience and concern caused by the recent delivery of messages leading to phishing sites sent to a portion of guests who booked at MIMARU Kyoto Kawaramachi Gojo through one specific online reservation website.
We would like to officially report the findings from our investigation following the incident detailed in the “[Important Notice] Notice Regarding the Delivery of Messages Leading to Personal Data Phishing Sites” published on June 21, 2024.
Original Notice Dated June 21
https://mimaruhotels.com/en/news/240621/
1. Course of Events
On June 20, 2024, we confirmed that some guests who booked at MIMARU Kyoto Kawaramachi Gojo through one specific online reservation website received messages directing them to phishing sites.
We have since alerted the affected guests, changed login passwords, and conducted security checks on access limitations for every accommodations reservation management site, as well as on individual computer security at all MIMARU facilities.
We have additionally confirmed that no unauthorized access occurred at other facilities or on the online reservation website’s main system.
2. Event Details
(1) Affected Guests:Guests who made reservations at MIMARU Kyoto Kawaramachi Gojo on the specific online reservation website for check-in from June 10, 2024, to June 10, 2025.
(2) Number of Cases for Potentially Leaked Personal Information:538 cases involving guests who stored personal information in the accommodations reservation management system.
(3) Potentially Leaked Personal Information:Name, telephone number, email address, and nationality. *This does not include payment-related information such as credit card details or financial institution account information.
(4) Cause: Our investigation determined that the incident resulted from unauthorized access to the accommodations reservation management system at MIMARU Kyoto Kawaramachi Gojo.
(5)Details of Secondary Damage and/or the Risk Thereof: Some guests provided credit card information to the phishing site, but ultimately no financial damages were incurred.
3. Request to Guests
If you receive a suspicious message, please do not click on or access any included links or files. Please contact MIMARU per the details below if you are unsure about the content of any message or if you have questions regarding this incident:
Customer Service: MIMARU Kyoto Kawaramachi Gojo: kawaramachi-gojo@chm.cigr.co.jp
Contact for Other Inquiries/Media: pr-info@chm.cigr.co.jp
4. Future Handling and Measures to Prevent Recurrence
Based on the results of our investigation and suggestions from related organizations, we have set IP address access limitations on all accommodations reservation management systems and implemented additional security tools. We will continue to enhance our security measures moving forward.
Once again, we offer our sincerest apologies for the inconvenience and concern this incident has caused our guests.
Note: A "phishing site" refers to a fraudulent website designed to steal personal information, credit card numbers, etc., by mimicking a legitimate site.
Cookies help us deliver services. By clicking "Accept," you consent to the use of cookies. Click here to learn more.