Australian Defence Officials caught in Singapore hotel data hack

Some of Australia's most senior defence figures have been caught up in a data breach after "sophisticated" cyber hackers targeted a five-star hotel in Singapore.

In an email sent to guests this week, Shangri-La Group senior vice-president Brian Yu said that following the discovery of unauthorised activities on Shangri-La's IT network, the hotel engaged cyber forensic experts to investigate the anomalies.

The investigation revealed that between May and July 2022, a sophisticated threat actor managed to bypass Shangri-La's IT security monitoring systems undetected, and illegally accessed the guest databases.

According to Mr Yu, the company's investigation confirmed that certain data files had been exfiltrated from these databases that likely contained guest data including names, email addresses, phone numbers, postal addresses, reservation dates and company names.

In June, Defence Minister Richard Marles, Chief of Defence General Angus Campbell and senior military and departmental officials travelled to Singapore for the annual Shangri-La Dialogue, held in the Singapore hotel.

On the sidelines of the security conference, Mr Marles met with his Chinese counterpart General Wei Fenghe, marking the first high-level contact between the two nations since a diplomatic freeze that began in early 2020.

The Defence Department confirmed it was aware of a data breach affecting Shangri-La hotels and said it was working with the company to understand the impact on Australian Defence attendees at the Shangri-La Dialogue, and to minimise potential risks.

- CyberBeat