SAN FRANCISCO–(COMMERCIAL THREAD)–Sonder Holdings Inc. (NASDAQ: SOND; “Sonder” or the “Company”) reports that steps were taken to respond to a computer security incident resulting in unauthorized access to one of the Company’s systems which included certain guest logs . Sonder’s business remains fully operational and an investigation into this incident is ongoing.
On November 14, 2022, Sonder learned of unauthorized access to one of his systems that included some guest records. After this discovery, the Company acted quickly. The Company took steps to contain the incident, including ensuring that the unauthorized individual no longer had access to Sonder’s systems, verifying that operations were unaffected, and investigating the scale and impact of the incident. The Company also hired key security and forensic specialists to assist with the investigation and response to the incident.
Sonder believes guest records created prior to October 1, 2021 were involved in this incident. A combination of the following guest information is logged in:
Sonder.com username and encrypted password
Full name, telephone number, date of birth, address, email address
Certain guest transaction receipts, including the last 4 digits of credit card numbers and transaction amounts
Dates booked for stays at a Sonder property
In addition, Sonder believes that copies of government-issued identification documents, such as driver’s licenses or passports, were accessed for a limited number of guest records.
Sonder has taken the following measures to help guests monitor and protect their information:
Launched a dedicated page on blog.sonder.com for guests who have questions about this incident.
Sonder will notify and make available services to guests whose information has been affected by this incident, such as credit monitoring, identity protection or WebWatcher services, which includes monitoring Internet sites where personal information may be shared and generating a notice to the guest if evidence of their personal information is found.
Guests who believe their information may have been involved in this incident may email firstname.lastname@example.org or call 1-855-504-2761 (US, Canada, Mexico) or +44 20 7570 0344 (Europe and all other regions) to access the services offered.
Sonder is committed to his guests and to resolve this incident quickly. Sonder is notifying the appropriate regulatory bodies and has contacted law enforcement.
About Sonder Holdings Inc.
Sonder (NASDAQ: SOND) is revolutionizing hospitality through innovative, technological service and inspiring, thoughtfully designed accommodations combined into one seamless experience. Launched in 2014 and headquartered in San Francisco, Sonder offers a variety of lodging options, from spacious rooms to fully equipped suites and apartments, present in over 40 markets across ten countries and three continents. The Sonder app gives guests full control over their stay. Complete with self-service features, simple check-in and 24/7 field support, amenities and services at Sonder are just a tap away, making a world of better stays open to all.
Statements in this press release include statements that may constitute forward-looking statements made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, the accuracy of which is necessarily subject to risks, uncertainties and assumptions about future events that may not prove to be accurate. These statements include, but are not limited to, express or implied forward-looking statements regarding our expectations regarding our ability to contain and assess the IT security incident, our ability to protect guest information, and the impact of the IT security incident affecting our employees, guests, third parties, operations and financial results. These statements are neither promises nor guarantees, but are subject to a variety of risks and uncertainties, many of which are beyond our control, which could cause actual results to differ materially from those contemplated in these forward-looking statements. Investors are cautioned not to place undue reliance on these forward-looking statements, which speak only as of today’s date. Factors that could cause actual results to differ materially from those expressed or implied include the ongoing evaluation and currently uncertain extent and impact of the IT security incident, the legal, reputational, operational and financial risks arising therefrom and from any future IT security incidents, the effectiveness of business continuity plans during IT security incidents, and the other factors discussed in our quarterly report on Form 10-Q for the quarter ended September 30, 2022 and other documents filed with the Securities and Exchange Commission. The Company undertakes no obligation to update or revise any forward-looking statements, whether as a result of new information, future events or otherwise, except as required by applicable securities law.