UPDATED 23:42 EDT / JULY 09 2017

INFRA

Hard Rock and Loews Hotel customer details stolen following booking system hack

Credit card numbers and personal details have been stolen by hackers who successfully infiltrated the booking system used by the Hard Rock Hotel & Casino chain and Loews Hotels.

The hack related to Sabre Corp.’s Hospitality Solutions SynXis Central Reservation System used by both chains. Hackers gained access to the system between last Aug. 10 and March 9 of this year, with the hack itself only discovered in June.

How the hackers accessed the system was not detailed. In a statement, Sabre said only that “an unauthorized party gained access to account credentials that permitted unauthorized access to payment card information, as well as certain reservation information, for a subset of hotel reservations.”

The company claims that the hackers accessed payment card information for hotel reservations, including cardholder name, payment card number and card expiration date, while in some cases they also got payment card security code information. In addition, “in some cases,” the hackers obtained the guest’s name, email, phone number, address. and other information. But details such Social Security, passport and driver’s license numbers were not accessed.

Hard Rock said in a separate statement that the hack only affected a limited number of its properties, specifically hotels in Biloxi, Cancun, Chicago, Goa, Las Vegas, Palm Springs, Panama, Punta Cana, Rivera Maya, San Diego and Puerto Vallarta. Loews was not as forthcoming in detailing which of its upmarket hotels were affected, saying only in a statement to NBC that “some customers” may have been affected. Sabre itself claimed that less than 15 percent of the average daily bookings were viewed by the hackers.

Hacks in 2017 may be a dime a dozen, but the mere fact that Sabre, a company that provides booking software that is used by travel agents around the world along with 400 airlines, 220,000 hotels, 42 car rental brands, 38 rail providers and 17 cruise lines, raises deep concerns. That hackers could access one part of their network potentially means that other parts of their network may also be vulnerable. Anyone who has traveled anywhere in the world over the last few years has virtually a 100 percent chance that details of those trips will be stored somewhere on Sabre’s network.

It’s recommended that people who have visited Hard Rock or Loews Hotel locations check their credit card statements for any unauthorized activity and if any is found, they should immediately report the details to their financial institutions.

Photo: Santcomm/Wikimedia Commons

Since you’re here …

… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.

Cookies

We employ the use of cookies. Find out more.