Accor
Company Details
Linkedin ID:
accor
Website:
Employees number:
100,192
Number of followers:
2,444,544
NAICS:
7211
Industry Type:
Homepage:
accor.com
IP Addresses:
1053
Company ID:
ACC_6397921
Scan Status:
Completed
Accor Company CyberSecurity Posture
accor.com
We are Accor We are more than 290,000 hospitality experts placing people at the heart of what we do, creating emotion for our guests, and nurturing passion for service and achievement beyond limits. Building on the strength of our teams and of our fully integrated ecosystem of leading brands, personalized services & expert solutions, we break new ground to reimagine hospitality and inspire new ways to experience the world. We are dedicated to suit all desires and needs, and reinvent the guest experience every day with our 45 hotel brands across all segments- 5,600 properties around the world from luxury five-star palaces to smart economy hotels, exquisite residences to full-service resorts. Because we take care of millions of guests and each of our hotels is a world in itself, where every action counts. We strive to make positive impact both locally and globally, to ensure hospitality benefits not only the few, but all.
Accor A.I CyberSecurity Scoring
Accor Risk Score (AI oriented)Between 800 and 849
Accor
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Accor Global Score (TPRM)XXXX
Accor
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Accor Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
D-EDGE Hospitality Solutions
Breach
Rankiteo Explanation
Attack with significant impact with internal employee data leaks
Description: A security compromise gained by FastBooking, a provider of hotel booking software, has impacted 100 hotels across the globe. Experts estimate that over 1000 hotels globally may be affected, with over 380 of those being in Japan alone. The number of impacted users was not disclosed by the company. The company swiftly emailed each affected hotel with information on the event, including the number of guests who were impacted. The attackers gained access to the FastBooking system by taking advantage of a flaw in the online application. Employees of the organisation found the breach when they saw the malware on the server. The malware functions as a backdoor, giving the attacker access to take over the server and take private information.
Accor Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Accor
Incidents vs Hospitality Industry Average (This Year)
No incidents recorded for Accor in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Accor in 2025.
Incident Types Accor vs Hospitality Industry Avg (This Year)
No incidents recorded for Accor in 2025.
Incident History — Accor (X = Date, Y = Severity)
Accor cyber incidents detection timeline including parent company and subsidiaries
Accor Company Subsidiaries
We are Accor We are more than 290,000 hospitality experts placing people at the heart of what we do, creating emotion for our guests, and nurturing passion for service and achievement beyond limits. Building on the strength of our teams and of our fully integrated ecosystem of leading brands, personalized services & expert solutions, we break new ground to reimagine hospitality and inspire new ways to experience the world. We are dedicated to suit all desires and needs, and reinvent the guest experience every day with our 45 hotel brands across all segments- 5,600 properties around the world from luxury five-star palaces to smart economy hotels, exquisite residences to full-service resorts. Because we take care of millions of guests and each of our hotels is a world in itself, where every action counts. We strive to make positive impact both locally and globally, to ensure hospitality benefits not only the few, but all.
Loading...
Accor Similar Companies
The Country Club India Ltd
CCIL - Country Club India Ltd is one of the fastest growing entertainment and leisure conglomerate in India. A Multi-Million dollar entity and a listed company on BSE (Bombay Stock Exchange), CCIL is a pioneer in the concept of family clubbing in the country. CCIL has established 205 properties of w
Mandarin Oriental
Mandarin Oriental Hotel Group is the award-winning owner and operator of some of the world’s most luxurious hotels, resorts and residences. Having grown from its Asian roots into a global brand, the Group now operates 43 hotels, 12 residences and 23 exclusive homes in 26 countries and territories, w
JW Marriott
No loud pretense. No excess formalities. Just understated elegance you’ll feel the moment you walk into one of over 80 worldwide destinations. JW Marriott is part of Marriott International’s luxury portfolio and consists of beautiful properties in gateway cities and distinctive resort locations in
Meliá Hotels International
Welcome to Meliá Hotels International! From Mallorca to the world, our story is an exciting journey that began more than six decades ago and has led us to become one of the largest hotel chains on the planet and the most sustainable in Europe (S&P Global). With more than 400 hotels across the worl
Kerzner International
Kerzner International has built a diverse collection of iconic brands and luxury properties, earning international acclaim for pioneering destination-defining hospitality, delivering unrivalled service, and curating transformative guest experiences. We are renowned for creating hospitality brands
Jumeirah
Jumeirah, a global leader in luxury hospitality and a member of Dubai Holding, operates an exceptional portfolio of 31 properties, including 33 signature F&B restaurants, across the Middle East, Europe, Asia and Africa. In 1999, Jumeirah changed the face of luxury hospitality with the opening of t
DoubleTree by Hilton
DoubleTree by Hilton hotels are distinctively designed properties that provide true comfort to today’s business and leisure travelers. From the millions of delighted hotel guests who are welcomed with the brand’s legendary, warm chocolate chip cookies at check-in to the advantages of the award-winni
Caesars Entertainment
Caesars Entertainment, Inc. is the largest casino-entertainment Company in the U.S. and one of the world's most diversified casino-entertainment providers. Since its beginning in Reno, NV, in 1937, Caesars Entertainment, Inc. has grown through development of new resorts, expansions and acquisitions.
Since it was founded in 1950 and it created the all-inclusive vacation concept, Club Med has been the world leader on its market, and has developed a resolutely upscale, friendly and multicultural spirit. Club Med boasts 70 resorts located in the most beautiful sites in the world, a cruise ship and
.png)
Accor CyberSecurity News
November 11, 2025 08:00 AM
China Accuses US of Orchestrating $13 Billion Bitcoin Hack
China's cybersecurity agency accused the American government of orchestrating the theft of about $13 billion worth of Bitcoin,...
June 23, 2025 07:00 AM
Why Nassourdine Imavov vs Caio Borralho headlines Paris return after title backup twist
MMA News: Nassourdine Imavov will face Caio Borralho in the UFC Paris main event on September 6, 2025, at the Accor Arena.
April 23, 2025 07:00 AM
Accor’s Privacy Lawsuit: A Wake-Up Call for Hoteliers' Online Booking Policies
A recent lawsuit against Accor Management, via the Fairmont Hotels & Resorts brand, has raised significant questions about online privacy in the hotel industry.
April 23, 2025 07:00 AM
News | Breaking down the hotel guest online invasion of privacy lawsuit in California
An online privacy lawsuit filed against Accor Management through the Fairmont Hotels & Resorts brand should have hoteliers reviewing their...
April 09, 2025 07:00 AM
IndiGo parent & Accor tie-up to have 300 hotels in India by 2030
IndiGo parent company InterGlobe and French hospitality major Accor have tied up to create what they term will be “India's fastest growing hospitality...
November 15, 2024 08:00 AM
Trend Micro names winners of 2024 Customer Awards
Trend Micro has announced the winners of its 2024 Customer Awards, acknowledging organisations that have embraced cybersecurity innovation.
November 06, 2024 08:00 AM
Foodstuffs South Island wins top customer innovator award
Trend Micro has awarded Foodstuffs South Island the Customer Innovator Award for its integration of cybersecurity within its digital strategies.
April 09, 2024 07:00 AM
Accor Data Breach: IntelBroker Claims 642K Records For Sale
IntelBroker alleges Accor data breach with 642K records leaked. Technical analysis reveals compromised data including names, emails,...
April 02, 2024 07:00 AM
Vulnerability Exposed Ibis Budget Guest Room Codes to Hackers
Ibis Budget guests were left vulnerable after a security flaw in self-check-in kiosks exposed room access codes.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Accor CyberSecurity History Information
Official Website of Accor
The official website of Accor is https://www.group.accor.com.
Accor’s AI-Generated Cybersecurity Score
According to Rankiteo, Accor’s AI-generated cybersecurity score is 806, reflecting their Good security posture.
How many security badges does Accor’ have ?
According to Rankiteo, Accor currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Accor have SOC 2 Type 1 certification ?
According to Rankiteo, Accor is not certified under SOC 2 Type 1.
Does Accor have SOC 2 Type 2 certification ?
According to Rankiteo, Accor does not hold a SOC 2 Type 2 certification.
Does Accor comply with GDPR ?
According to Rankiteo, Accor is not listed as GDPR compliant.
Does Accor have PCI DSS certification ?
According to Rankiteo, Accor does not currently maintain PCI DSS compliance.
Does Accor comply with HIPAA ?
According to Rankiteo, Accor is not compliant with HIPAA regulations.
Does Accor have ISO 27001 certification ?
According to Rankiteo,Accor is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Accor
Accor operates primarily in the Hospitality industry.
Number of Employees at Accor
Accor employs approximately 100,192 people worldwide.
Subsidiaries Owned by Accor
Accor presently has no subsidiaries across any sectors.
Accor’s LinkedIn Followers
Accor’s official LinkedIn profile has approximately 2,444,544 followers.
NAICS Classification of Accor
Accor is classified under the NAICS code 7211, which corresponds to Traveler Accommodation.
Accor’s Presence on Crunchbase
Yes, Accor has an official profile on Crunchbase, which can be accessed here: https://www.crunchbase.com/organization/accor-0e63.
Accor’s Presence on LinkedIn
Yes, Accor maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/accor.
Cybersecurity Incidents Involving Accor
As of December 11, 2025, Rankiteo reports that Accor has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Accor has an estimated 13,820 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Accor ?
Incident Types: The types of cybersecurity incidents that have occurred include Breach.
How does Accor detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an communication strategy with emailed each affected hotel with information on the event..
Incident Details
Can you provide details on each incident ?
Title: FastBooking Data Breach
Description: A security compromise gained by FastBooking, a provider of hotel booking software, has impacted 100 hotels across the globe. Experts estimate that over 1000 hotels globally may be affected, with over 380 of those being in Japan alone. The number of impacted users was not disclosed by the company. The company swiftly emailed each affected hotel with information on the event, including the number of guests who were impacted. The attackers gained access to the FastBooking system by taking advantage of a flaw in the online application. Employees of the organisation found the breach when they saw the malware on the server. The malware functions as a backdoor, giving the attacker access to take over the server and take private information.
Type: Data Breach
Attack Vector: Malware
Vulnerability Exploited: Flaw in the online application
Motivation: Data Theft
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Flaw in the online application.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach DED456251223
Data Compromised: Private information
Systems Affected: FastBooking system
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Private information.
Which entities were affected by each incident ?
Incident : Data Breach DED456251223
Entity Name: FastBooking
Entity Type: Hotel Booking Software Provider
Industry: Hospitality
Location: Global
Customers Affected: 100 hotels (potentially over 1000 hotels globally)
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Data Breach DED456251223
Communication Strategy: Emailed each affected hotel with information on the event
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach DED456251223
Type of Data Compromised: Private information
Investigation Status
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Emailed each affected hotel with information on the event.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach DED456251223
Entry Point: Flaw in the online application
Backdoors Established: Malware functioning as a backdoor
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Data Breach DED456251223
Root Causes: Flaw in the online application
Additional Questions
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident was Private information.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach was Private information.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Flaw in the online application.
.png)
Latest Global CVEs (Not Company-Specific)
Description
WeGIA is an open source Web Manager for Institutions with a focus on Portuguese language users. Versions 3.5.4 and below contain a Stored Cross-Site Scripting (XSS) vulnerability in the /WeGIA/html/geral/configurar_senhas.php endpoint. The application does not sanitize user-controlled data before rendering it inside the employee selection dropdown. The application retrieves employee names from the database and injects them directly into HTML <option> elements without proper escaping. This issue is fixed in version 3.5.5.
Risk Information
cvss3
Base: 4.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Description
ZITADEL is an open-source identity infrastructure tool. Versions 4.0.0-rc.1 through 4.7.0 are vulnerable to DOM-Based XSS through the Zitadel V2 logout endpoint. The /logout endpoint insecurely routes to a value that is supplied in the post_logout_redirect GET parameter. As a result, unauthenticated remote attacker can execute malicious JS code on Zitadel users’ browsers. To carry out an attack, multiple user sessions need to be active in the same browser, however, account takeover is mitigated when using Multi-Factor Authentication (MFA) or Passwordless authentication. This issue is fixed in version 4.7.1.
Risk Information
cvss3
Base: 8.0
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N
Description
ZITADEL is an open-source identity infrastructure tool. Versions 4.7.0 and below are vulnerable to an unauthenticated, full-read SSRF vulnerability. The ZITADEL Login UI (V2) treats the x-zitadel-forward-host header as a trusted fallback for all deployments, including self-hosted instances. This allows an unauthenticated attacker to force the server to make HTTP requests to arbitrary domains, such as internal addresses, and read the responses, enabling data exfiltration and bypassing network-segmentation controls. This issue is fixed in version 4.7.1.
Risk Information
cvss3
Base: 9.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:N
Description
NiceGUI is a Python-based UI framework. Versions 3.3.1 and below are vulnerable to directory traversal through the App.add_media_files() function, which allows a remote attacker to read arbitrary files on the server filesystem. This issue is fixed in version 3.4.0.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Description
FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. Versions are vulnerable to authentication bypass when the authentication type is set to "webserver." When providing an Authorization header with an arbitrary value, a session is associated with the target user regardless of valid credentials. This issue is fixed in versions 16.0.44 and 17.0.23.
Risk Information
cvss4
Base: 9.3
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
References
- https://github.com/FreePBX/framework/commit/04224253156543cd9932b90458660b2f19fc0e35#diff-72f14a52840a61504a8e03cd195035b44e488aecd634b001bc6412a04bdc940bR20-R50
- https://github.com/FreePBX/security-reporting/security/advisories/GHSA-9jvh-mv6x-w698
- https://www.freepbx.org/watch-what-we-do-with-security-fixes-%f0%9f%91%80
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=accor' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
