Skip to main content

There are some light works being carried out on a neighbouring property. Please call us or email [email protected] for further details.

Technical Update

Data Breach - 24.09.2024

On Sunday 22nd September we were alerted by our third-party property management system (PMS) provider of suspicious activity by a fraudulent actor using compromised employee credentials. We were also informed that there was an “extraction of data” which exposed personal information such as names, email addresses, postal addresses and phone numbers and potentially, health information (such as allergies).

We are continuing to actively investigate the incident both internally and with our PMS provider, including seeking clarification as to exactly what customer data has been compromised.

It has come to our attention that some guests have received emails from a sender not associated with bedruthan.com or scarlethotel.co.uk. These emails ask you to "confirm your check-in within 12 hours" through a link. Please be aware that these emails are not from us. We strongly advise that you do not click on the link or provide any information.

An example of the phishing email that was sent is shown below.

Clicking the link within the email would direct you to a fake web page as shown below where a credit card entry form can be found.

On the page itself, there is a credit card entry form and a live chat window which connects the visitor to a fraudulent agent which we believe is used to communicate to the visitor once credit card information is entered to request that the payment is approved via the visitor’s banking app.

We want to make clear that this webpage is not genuine and is fake. If you do click onto this website, please do not enter credit card information or respond to the agent in the chat window and immediately close your web browser.

To help protect yourself we recommend that our customers review the following National Cyber Security Centre article on how to spot and report Phishing emails, which also provides advice on what to do if sensitive information such as bank details were submitted on the fake webpage. The link to this article can be found here: Phishing: Spot and report scam emails, texts, websites and... - NCSC.GOV.UK.

If bank details were submitted, we strongly recommend contacting your bank right away for advice.We also encourage you to be cautious of any unexpected emails or calls. Scarlet Hotel will only ever send emails from our official domain, scarlethotel.co.uk. If you have any concerns about an email that was sent to then you can contact our team on 01637 861 800 to verify its authenticity.

    Ages