Scenic Group is continuing to operate its tours and cruises despite a cyber security incident, involving “unauthorised access” to the firm’s IT systems.
The group’s brands include Scenic Luxury Cruises & Tours, Emerald Cruises and Evergreen Tours.
The breach first happened in late February and the company has switched to dealing with enquiries by email and phone.
A statement from Scenic said: “As per our cyber security protocols, we have ring-fenced our IT systems to minimise any further impact and immediately started to conduct an investigation into this breach.
“We have engaged the services of an external cyber security company and their forensic experts, to assist our internal IT team to resolve this situation and bring our systems back online to full capacity.
“Investigations by our IT department and the cyber security experts are ongoing and we continue to work in collaboration with the relevant authorities. Including compliance with all relevant laws and reporting obligations as well as co-operating with regulatory bodies as required.”
As this risk assessment continues, the group’s IT systems will remain offline, including the Scenic Group websites.
The statement added: “There is currently no evidence to indicate that any guest, staff data or personal information has been impacted, if this changes we will inform the impacted directly.”
Rob Voss, chief operating officer at Scenic Group, said: “Whilst this incident has impacted our IT systems, please be assured that we will continue to operate our cruise and tour programs as scheduled. Scenic Group will work closely with our partners to ensure delivery of our guest experience is not impacted.”
The group has also suspended river cruises in Russia for 2022 and 2023, including any connecting land journeys, as a result of the Russian invasion of Ukraine.
Visitors to the Scenic website in the UK can see a statement about the IT breach and Russian cancellations (pictured).