16th July 2017/ CYBER NEWS
Another hospitality business suffers data breach
Hotels and casinos provide a prime target for hackers, due to the fact that they hold valuable customer data such as passport and payment card details, as well as having multiple access points to their central booking systems. Their clientele also tend to be well-heeled.
The customers of a number of high profile hospitality groups, including Hard Rock and Loews have had their unencrypted payment card information accessed by an unauthorised party via the central reservation system maintained by Sabre Hospitality Solutions. It is not clear whether any card details have been stolen and it appears that no personal information, such as driving licences or passports, has been compromised.
Sabre’s SinXis inventory management software is used by as many as 500 hospitality businesses around the world, but in this attack Sabre calculates that the hackers accessed just 15% of registrations on its systems. While Sabre first notified Hard Rock of the problem in June, it seems that the first incursion was back in August 2016 and the most recent in March this year. Some Google employees may also have fallen victim to the same breach.