Guest Worldwide is a global collective of dynamic, industry-leading companies with more than 40 years of unparalleled experience serving the unique needs of diverse markets in every corner of the world.
Founded in 2016, Two Roads Hotels is an international lifestyle hotel company that manages and operates the Alila Hotels & Resorts, Destination Hotels, Joie de Vivre Hotels, Thompson Hotels, and tommie Hotels brands. At Two Roads, we create extraordinary experiences for those unafraid to break from the masses...and seek the road less traveled. We believe you should live the life you imagine. We ensure your life's journeys are as extraordinary and individual as you. Two Roads Hospitality is a collection of truly individual hotels and resorts for the independent traveler. Two Roads. Stay who you want to be. Explore our brands: Joie de Vivre celebrates discovery, playfulness and open-mindedness. Featuring the largest collection of boutique hotels in California, with additional locations across the U.S., JDV properties are eclectic, colorful, and bursting with personality, making them the perfect setting to explore and experience the “joy of life.” Thompson Hotels empower sophisticated living for the savvy traveler. With a modern aesthetic and a focus on luxury design and service, Thompson Hotels inspire their guests to be residents, not visitors, in whatever city they’re in. Unleashing potential is what tommie does best. tommie hotels encourage self-expression and authentic discovery, providing a home base for the creative and open-minded to explore the unconventional through its boutique hotels in gateway cities. Destination Hotels' distinctive, upscale properties in locations across the country are true to place and diverse by design. Destination Hotels are for the traveler seeking an authentic experience coupled with unmatched levels of service. Alila means “surprise” in Sanskrit, and it’s the surprise of discovery and breathtaking beauty that Alila celebrates. Alila’s exclusive luxury properties celebrate the uniqueness of their surroundings, from Jaipur to Jakarta, and emphasize sustainability as much as exceptional service.
Security & Compliance Standards Overview
No incidents recorded for Guest Worldwide, a Sysco company in 2025.
No incidents recorded for Two Roads Hospitality in 2025.
Guest Worldwide, a Sysco company cyber incidents detection timeline including parent company and subsidiaries
Two Roads Hospitality cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘percentage’ parameter in all versions up to, and including, 5.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files it will combine, which allows remote attackers to create very large responses that lead to a denial of service attack via the URL query string.
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine.
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine.
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine.
