Frequently Asked Questions
Regarding the Suspected Data Breach
Created 27.10.2024
Updated 9.12.2024
This afternoon, we received information about new suspicious activity in our reservation system.
Based on our information, these incidents are related to a new data breach that occurred on November 29, 2024, at 11:04 AM. In this breach, criminals have accessed customer data for the period between December 1, 2024, and December 31, 2025.
Unfortunately, this is already the second significant data security breach within a short period.
We have immediately taken action to investigate the situation and contacted all customers whose data may have been compromised. Additionally, we have implemented enhanced security measures to prevent similar incidents in the future.
Some of our customers have reported receiving fraudulent messages via Booking.com chat and potentially other communication channels, falsely claiming to represent us. These messages may include requests for payments through unofficial links or other suspicious activities
We want to emphasize:
- We never ask for payments or sensitive information via unofficial channels.
- Do not open these messages or click on any links they contain.
- If you receive any suspicious messages, please notify us immediately so we can take swift action.
- We never ask to send us any attached files (Word, PDF etc.).
Visit Inari Oy (Hotel Inari, Holiday Village Inari, and Korppioja Cottages) was targeted in a data breach on November 29, 2024, at 11:04 AM.
The breach occurred through a third-party system, despite the use of two-factor authentication. The exact reasons behind the incident are being investigated in collaboration with authorities.
As soon as we were informed on December 9, 2024, at 2:25 PM, we took the necessary steps to secure our customers’ data and address the situation in this exceptional circumstance.
The possible leaked data includes:
- Name
- Phone number
- Address
- Nationality
- Card type, expiration date, and last four digits
- Reservation details (cost, room type, arrival and departure dates)
- Preferred contact method (email or phone)
- Travel agency information if booked through one
- Company name and reference
We are investigating further and will provide updates as more information becomes available.
The leaked data includes customer information for the period between December 1, 2024, and December 31, 2025, made before November 29, 2024, at 11:04 AM.
Visit Inari Oy has contacted the customers affected by the data breach. The data leak affects 1,063 different customers.We deeply apologize for the situation and strive to remain fully transparent with our customers.
The data breach may lead to suspicious contacts. If you receive suspicious calls or emails, be cautious and verify their authenticity with us before taking any action.
Never make payments or share personal information in connection with suspicious contacts.
If you encounter a suspicious Booking.com chat message in German language asking to confirm your booking in 24 hr by entering the credit card information via a link, or if you replied to one, follow these guidelines:
- Avoid clicking on any links: If you haven’t clicked any links, delete it.
- If you replied but didn’t click any links: Deleting the message is still recommended. Replying alone is unlikely to pose a significant risk as long as no links were clicked and no sensitive information was shared.
- Contact your bank or credit card provider: If you’ve shared card details or noticed unusual activity, get in touch with your bank or card issuer to discuss preventive measures.
- When in doubt: If there is any uncertainty, consult your credit card company or bank.
No, confirmed bookings remain valid. If you’re unsure about your reservation’s status, please call us for verification.
If you are uncertain about the safety of a payment, please reach out to us at +358 40 179 6069 or sales@visitinari.fi before proceeding.
If you have provided card details in response to a suspicious message or website, contact your bank or card issuer immediately. Different countries may have varying procedures, so follow the advice of your bank and local authorities. You may be advised to block your card and request a replacement. In some cases, you might also need to file a report with a relevant data protection authority.
Currently, we believe that only your card type, expiration date, and the last four digits may have been accessed. These details alone are generally insufficient for making payments. Nevertheless, if you’re concerned, we suggest contacting your bank or credit card provider for further guidance.
If you encounter a suspicious WhatsApp message, Booking.com or email, or if you replied to one, follow these guidelines:
- Avoid clicking on any links: If you haven’t clicked any links, report and block the sender on WhatsApp or mark the email as spam, then delete it.
- If you replied but didn’t click any links: Deleting the message and reporting the sender is still recommended. Replying alone is unlikely to pose a significant risk as long as no links were clicked and no sensitive information was shared.
- Contact your bank or credit card provider: If you’ve shared card details or noticed unusual activity, get in touch with your bank or card issuer to discuss preventive measures.
- When in doubt: If there is any uncertainty, consult your credit card company or bank.
We are aware that some of our customers have received emails impersonating our hotel. These emails are not legitimate. We recommend not opening the message or clicking any links, and instead deleting the email. If you’re uncertain, contact us directly. If you’ve shared information based on the email, please reach out to your bank or credit card company without delay.
Our hotel only contacts customers via WhatsApp if the customer initiates communication on that platform. If you received an unsolicited message claiming to be from us, it is likely fraudulent. Please avoid opening the message or clicking on any links. We advise deleting it, and if necessary, reporting the incident to us. For any inquiries, reach out through our official contact points:
- Email: sales@visitinari.fi
- Phone: +358 40 179 6069
Accommodation
Kirkenes transfers
Rates informed on the website are per booking for maximum 4 persons. Either you are 1, 2, 3 or 4 persons the rate is the same.
Unfortunately not. The rate is per booking and we dot not combine booking for the shared shuttle transfer.
If you wish to be picked up different it time or from a different location which is not mentioned on list, you can book private transfer. Please contact us via email.
The driver will be waiting you just at the Kirkenes terminal (Havila Castor/Hurtigruten).
Driver has a passenger list and the car (minibus or coach) has Visit Inari written on the front window. Service provider is called Kukkolan bussit.
Kirkenes harbor is quite small place so normally it has been easy to spot the right vehicle/driver.
If you have any issues at the harbor, please call: +358 40 179 6069.
Lake Inari Cruise
Pets travel in the front deck. There can be a fews pet at the same time and they must get along with other pets. Always inform that you are traveling with a pet.
Starting place is Inari harbor on Siida’s side. Please be ready 15min before the departure time.
Activities
We start to organize winter activities as soon as weather allows – when it’s cold enough and there is enough snow. Please check the availabilities closer to your arrival.
Please note that Northern Lights are a nature´s phenomenon and cannot be
guaranteed. If Northern Lights are not seen during our Aurora tour, there is no refund.
Weather and nature
The first official winter month is November. First snow may fall between late August and December, but usually the more permanent snow cover is obtained in November.
We offer many activities featuring reindeer, you’re guaranteed to see them if you join one of those activities.