Author: davas_saara

Dear Customer,
 
We are deeply regret to inform you that the data of Visit Inari (Hotel Inari, Holiday Village Inari, Crow Creek Cabins) accommodation guests have been leaked. As soon as we became aware of this incident, we took immediate steps to investigate and resolve the situation.

We have been informed that some of our customers have received messages via Booking.com chat claiming to be from us. We want to emphasize that we never ask you to make payments through unofficial links or channels. Please do not open these messages or click on any links in them. If you receive any suspicious messages, we kindly ask that you inform us immediately.
Do not handle any payments or share your personal data into suspicious requests.

The data breach have occurred through a third-party system, and we are currently investigating the exact cause of the incident. We have reported this matter to the Data Protection Ombudsman’s office, the police, and the Finnish Transport and Communications Agency’s National Cyber Security Centre (Traficom), and we are following their instructions to handle the situation properly.

The leaked data may include the following customer information:

• Customer name
• Phone number
• Email address
• Address
• Nationality
• Payment card type, expiration date, and last four digits
• Reservation cost
• Room number and type
• Arrival and departure date
• Contact preference (e.g., email or phone)
• Travel agency, if the reservation was made through one

This breach concerns reservations between 1.12.2024 – 31.12.2025, made before 29.11.2024

We are extremely sorry for the concern and inconvenience this may have caused. We ask for your patience as we thoroughly investigate the matter.
 
If you have any questions or have received suspicious messages, please notify us immediately. 
More information on our websites: https://visitinari.fi/frequently-asked-question/
 
We are committed to protecting your data and ensuring that all necessary measures are taken to prevent this from happening again in the future.
 
Best regards,
Tommi Lappalainen, CEO

Dear Customer,

We regret to inform you of a serious development related to the data breach involving Visit Inari (Hotel Inari, Holiday Village Inari, Crow Creek Cabins) accommodation guests. We recently became aware that the perpetrators of the data breach have launched a second wave of attempts to contact our customers.

Some of our customers have reported receiving fraudulent messages via Booking.com chat and potentially other communication channels, falsely claiming to represent us. These messages may include requests for payments through unofficial links or other suspicious activities.

We want to emphasize:

• We never ask for payments or sensitive information via unofficial channels.
• Do not open these messages or click on any links they contain.
• If you receive any suspicious messages, please notify us immediately so we can take swift action.
• We never ask to send us any attached files (Word, PDF etc.).

Data Breach Investigation Update

The data breach is suspected to have occurred through a third-party system. The affected data may include:

• Customer name
• Phone number
• Email address
• Address
• Nationality
• Payment card type, expiration date, and last four digits
• Reservation cost
• Room number and type
• Arrival and departure date
• Contact preference (e.g., email or phone)
• Travel agency details, if applicable

This breach concerns reservations made between 24.10.2024 – 30.12.2025.

We have reported the incident to the Data Protection Ombudsman’s office, the police, and the Finnish Transport and Communications Agency’s National Cyber Security Centre (Traficom). We continue to work with these authorities to resolve the situation and ensure proper measures are taken.

We deeply regret the distress and inconvenience this may have caused. Please rest assured we are doing everything possible to secure your data and prevent such incidents in the future.

If you have any questions or concerns or suspect you have been targeted by fraudulent messages, do not hesitate to contact us immediately.

More information in our websites: https://visitinari.fi/frequently-asked-question/

Thank you for your understanding and cooperation.

Best regards,
Tommi Lappalainen, CEO

Published 28.10.2024
Updated 29.10.2024

Visit Inari Oy (Hotel Inari, Holiday Village Inari, and Crow Creek Cabins) was unfortunately targeted by a data breach on October 21, 2024, at 7:14 PM.

We have received information that some of our customers have been sent messages via Booking.com’s chat system under the name of Visit Inari Oy.

The data breach occurred through a third-party system regardless of the two-face authorization system. Based on current knowledge, the breach has happened through phishing landing page appearing in Google search engine. We are investigating the exact causes in cooperation with authorities. Upon receiving this information on October 25, 2024, at 8:14 PM, we took immediate action to secure our customers’ data and to resolve this exceptional situation.

“We would like to emphasize that we never request payments through unofficial links or channels. We deeply apologize for the concern and potential inconvenience this may have caused.
We ask for your patience as we conduct a thorough investigation in collaboration with the police, the Data Protection Ombudsman’s office, and the Finnish Transport and Communications Agency’s Cybersecurity Center (Traficom).
If you have any questions or have received suspicious messages, please notify us immediately. We are committed to protecting our customer data and ensuring that all necessary measures are taken to prevent similar incidents in the future”, says Tommi Lappalainen, CEO of Visit Inari Oy.

The leaked data may include the following customer information of reservations made before 21.10.2024 7:14 PM for the period of 24.10.2024 – 30.12.2025:

• Customer name
• Phone number
• Email address
• Address
• Nationality
• Payment card type, expiration date, and last four digits
• Reservation costs
• Room number and type
• Arrival and departure dates
• Contact preference (e.g., email or phone)
• Travel agency, if the reservation was made through one, and possible reservation reference

If you suspect you have received a suspicious message instructing you to follow links for payment, we kindly ask that you do not open the message or click any links in it. Instead, please inform us immediately if you receive any suspicious communications. Please notice that suspicious communication make appear also through phone, WhatsApp or email besides of Booking.com communication interface.

Visit Inari Oy has contacted the customers that are involved with data breach, and we have gathered a summary of the most frequently asked questions into our websites.

We deeply apologize for the inconvenience caused and we are here to help with any questions regarding the matter.

Tommi Lappalainen
CEO, Visit Inari Oy

tel. +358 40 179 6069
email: sales@visitinari.fi

Ready for an unforgettable adventure? After a short ride to our husky farm, you’ll meet our friendly huskies and learn about them from our experienced musher. The real excitement begins with a thrilling husky wagon ride! The musher will guide the team as you enjoy the ride, feeling the power of the huskies as they pull you through the beautiful outdoors of Lapland.

Afterward, relax by the fire with a drink in hand, savoring a peaceful moment after the excitement.

Important: This activity is available only when temperatures are below +15°C, and the minimum age requirement is 15 years.

Available:Tuesdays, Thursdays, and Saturdays at 10:00** until 30.11.2024, as long as weather permits. 

Rate: 105 EUR / person 

Duration: 2 – 2.5 hours