Dated – 13.11.2025
This update relates to the previous Security Incident Notice dated 16 October 2025, published on this website and reproduced below this update.
It has been brought to our attention that phishing/fraudulent emails are continuing to be sent to some guests who held bookings with us as of September 9, 2025. These emails falsely claim to be from our hotel and in some cases are accompanied by links of fraudulent websites, using the name and branding of Le Grand Hotel Cayre.
These activities are linked to a previous data breach that we reported to the French Supervisor Authority for Data Protection (CNIL – National Commission on Informatics and Liberties) in September 2025. No new data breach has occurred. Unfortunately, the unauthorized parties have reused information obtained during that earlier breach to send booking-related emails with links of fraudulent websites using hotel imagery.
We have no evidence that accessed personal data has been further misused.
Please be aware that:
- Genuine messages from Le Grand Hotel Cayre will only come from following email addresses: reservations@legrandhotelcayre.com or marketing@miirohotels.com
- If you receive a suspicious message, please delete it and contact us directly at privacy@legrandhotelcayre.com or reservations@legrandhotelcayre.com to verify your booking.
Our systems remain secure, and we continue to work with our technology partners to have fraudulent websites/domains removed. We are committed to protecting your information. We are also enhancing our security measures and procedures to strengthen our resilience in light of the constantly evolving threat landscape.
For any questions or further information, please contact our Data Protection team at privacy@igeuk.co.uk.
Thank you for your continued trust and vigilance.
— Le Grand Hotel Cayre, Paris
Dated – 16.10.2025
We recently identified and contained a security incident involving unauthorized access to certain guest records at Le Grand Hotel Cayre, Paris.
The information included basic guest information relating to current and future reservations existing in our system on 9th September 2025, namely name, phone number, birth date, address, nationality, booking details, last four digits of credit card, total amount of your booking, amount payable and email address (where provided).
Please note that no passwords, copy of identity documents, government-issued identification numbers, or full payment card details were affected.
We immediately secured our systems and notified the French Data Protection Authority (CNIL), in line with our obligations under the General Data Protection Regulation (GDPR). We will continue to actively monitor the situation and act swiftly to protect your personal data. We are also enhancing our security measures and procedures to strengthen our resilience in light of the constantly evolving threat landscape.
We have been informed that some phishing emails falsely claiming to be from our hotel, have been sent. We have no evidence that accessed personal data has been further misused. As a precautionary measure, we therefore advise guests to remain vigilant against any suspicious or unsolicited communications. Emails from the hotel are only sent via the following email address: reservations@legrandhotelcayre.com or marketing@miirohotels.com.
For any questions or further information, please contact our Data Protection team at privacy@igeuk.co.uk.
— Le Grand Hotel Cayre, Paris