Posts Tagged: Data Breach Investigations Report 2017


2
May 17

Breach at Sabre Corp.’s Hospitality Unit

Breaches involving major players in the hospitality industry continue to pile up. Today, travel industry giant Sabre Corp. disclosed what could be a significant breach of payment and customer data tied to bookings processed through a reservations system that serves more than 32,000 hotels and other lodging establishments.

sabreIn a quarterly filing with the U.S. Securities and Exchange Commission (SEC) today, Southlake, Texas-based Sabre said it was “investigating an incident of unauthorized access to payment information contained in a subset of hotel reservations processed through our Hospitality Solutions SynXis Central Reservations system.”

According to Sabre’s marketing literature, more than 32,000 properties use Sabre’s SynXis reservations system, described as an¬†inventory management Software-as-a-Service (SaaS) application that “enables hoteliers to support a multitude of rate, inventory and distribution strategies to achieve their business goals.”

Sabre said it has engaged security forensics firm Mandiant to support its investigation, and that it has notified law enforcement.

“The unauthorized access has been shut off and there is no evidence of continued unauthorized activity,” reads a brief statement that Sabre sent to affected properties today. “There is no reason to believe that any other Sabre systems beyond SynXis Central Reservations have been affected.”

Sabre’s software, data, mobile and distribution solutions are used by hundreds of airlines and thousands of hotel properties to manage critical operations, including passenger and guest reservations, revenue management, flight, network and crew management. Sabre also operates a leading global travel marketplace, which processes more than $110 billion of estimated travel spend annually by connecting travel buyers and suppliers.

Sabre told customers that it didn’t have any additional details about the breach to share at this time, so it remains unclear what the exact cause of the breach may be or for how long it may have persisted.

A card involving traveler transactions for even a small percentage of the 32,000 properties that are using Sabre’s impacted technology could jeopardize a significant number of customer credit cards in a short amount of time.

The news comes amid revelations about a blossoming breach at Intercontinental Hotel Group (IHG), the parent company that manages some 5,000 hotels worldwide, including Holiday Inn and Holiday Inn Express. Continue reading →