Travel industry giant Sabre’s hotel reservation system has sprung a leak: its software was compromised, potentially exposing people’s payment card details to crooks.
Sabre’s hacked technology is used at more than 32,000 hotels and guest houses. The biz, which is headquartered in Southlake, Texas, admitted the security breach in a quarterly filing with the US Securities and Exchange Commission [see page 39]. It reads:
We are investigating an incident involving unauthorized access to payment information contained in a subset of hotel reservations processed through the Sabre Hospitality Solutions SynXis Central Reservation system. The unauthorized access has been shut off, and there is no evidence of continued unauthorized activity at this time.
We have retained expert third-party advisors to assist in the investigation and are working with law enforcement. There is a risk that this investigation may reveal that PII, PCI, or other information may have been compromised. The costs of this investigation, as well as any other impacts or remediation related to this incident, may be material.
Investigative reporter Brian Krebs broke news of the intrusion, the specifics of which remain unclear. It is not yet known when the cyber-break-in happened or how many records may have been exposed. ®
Source: SANS ISC SecNewsFeed @ May 4, 2017 at 12:54PM