Sonder Holdings Inc. Announces Security Incident with Guest Reservation Database

Sonder Holdings Inc. (NASDAQ: SOND; “Sonder” or the “Company”) advises that measures have been undertaken to respond to an information technology security incident resulting in unauthorized access to one of the company’s systems that included certain guest records. Sonder’s business remains fully operational and the investigation into this incident remains ongoing.

On November 14, 2022, Sonder learned of unauthorized access to one of its systems that included certain guest records. Upon this discovery, the Company took swift action. The Company took steps to contain the event, including making sure that the unauthorized individual no longer had access to Sonder systems, verifying that operations were not affected, and investigating the scope and impact of the incident. The Company also engaged leading security and forensic specialists to assist in its investigation and response to the incident.

Sonder believes that guest records created prior to October 1, 2021 were involved in this incident. Some combination of the following guest information has been accessed:

• Sonder.com username and encrypted password
• Full name, phone number, date of birth, address, email address
• Certain guest transaction receipts, including the last 4 digits of credit card numbers and transaction amounts
• Dates booked for stays at a Sonder property

Additionally, Sonder believes that copies of government-issued identification such as driver’s licenses or passports may have been accessed for a limited number of guest records.

Sonder has taken the following steps to help guests monitor and protect their information:

• Launched a dedicated page at blog.sonder.com for guests who have questions about this incident.
• Sonder will be notifying and making services available to guests whose information was involved in this incident, such as credit monitoring, identity protection, or WebWatcher services, which includes monitoring of internet sites where personal information may be shared and generates an alert to the guest if evidence of their personal information is found.
• Guests who believe their information may have been involved in this incident can email sonder@krollsupport.com or can call 1-855-504-2761 (U.S., Canada, Mexico) or +44 20 7570 0344 (Europe and all other regions) to access the provided services.

Sonder is committed to its guests and to resolving this incident quickly. Sonder is notifying the appropriate regulatory bodies and has contacted law enforcement.

About Sonder Holdings Inc.

Sonder (NASDAQ: SOND) is revolutionizing hospitality through innovative, tech-enabled service and inspiring, thoughtfully designed accommodations combined into one seamless experience. Launched in 2014 and headquartered in San Francisco, Sonder provides a variety of accommodation options — from spacious rooms to fully-equipped suites and apartments — found in over 40 markets spanning ten countries and three continents. The Sonder app gives guests full control over their stay. Complete with self-service features, simple check-in and 24/7 on-the-ground support, amenities and services at Sonder are just a tap away, making a world of better stays open to all.

Forward-Looking Statements

This press release includes statements which may constitute forward-looking statements made pursuant to the safe harbor provisions of the Private Securities Litigation Reform Act of 1995, the accuracy of which are necessarily subject to risks, uncertainties, and assumptions as to future events that may not prove to be accurate. These statements include, but are not limited to, express or implied forward-looking statements relating to our expectations regarding our ability to contain and assess the IT security incident, our ability to protect guest information, and the impact of the IT security incident on our employees, guests, third parties, operations and financial results. These statements are neither promises nor guarantees, but are subject to a variety of risks and uncertainties, many of which are beyond our control, which could cause actual results to differ materially from those contemplated in these forward-looking statements. Investors are cautioned not to place undue reliance on these forward-looking statements, which speak only as of the date hereof. Factors that could cause actual results to differ materially from those expressed or implied include the ongoing assessment and currently uncertain scope and impact of the IT security incident, legal, reputational, operational and financial risks resulting from this and any future IT security incidents, the effectiveness of business continuity plans during IT security incidents, and the other factors discussed in our Quarterly Report on Form 10-Q for the quarter ended September 30, 2022, and other filings with the Securities and Exchange Commission. The Company undertakes no obligation to update or revise any forward-looking statements, whether as a result of new information, future events, or otherwise, except as may be required under applicable securities law.

View source version on businesswire.com: https://www.businesswire.com/news/home/20221123005235/en/