The Radisson hotel chain has warned customers about potential identity theft after admitting that its servers had been hacked.
The company said that unknown persons had breached the company's defences, and that credit card information may have been stolen.
Investigations into the hack are still continuing, and Radisson is not sure how much data may have been copied.
"Working with law enforcement and forensic investigators we are conducting a thorough review of the potentially affected computer systems, and have implemented additional security measures designed to prevent a recurrence of such an attack and to protect guest privacy," said Fredrik Korallus, executive vice president and chief operating officer at Radisson, in a statement.
The data breaches occurred between November 2008 and May 2009. Customers are being advised to check their bank statements for unusual activity, and Radisson has set up a FAQ to offer help and guidance on the situation.
Radisson said that the stolen information did not include social security numbers, but may have involved credit card details.
Information from credit card vendors alerted the firm to the hack.