Sabre settles data breach lawsuit
Sabre Corp reached a settlement deal with the attorneys general in 28 states over the 2017 data breach of Sabre Hospitality Solutions’ hotel booking system.
Sabre agreed to pay $2.4 million.
The data breach of the SynXis Central Reservation system exposed 1.3 million credit cards and other personal data.
Under settlement terms Sabre must plan proactively for any future security issues and obtain an independent third-party security assessment.
It must take on any recommendations and implement them.
It must also implement a written incident response and data breach notification plan.
The breach took place between August 2016 and March 2017, and first publically acknowledged it in June 2017.
Some impacted customers were not told until 2018 as it was left to hotels to notify individual guests, while some consumers received multiple notices relating to the same breach.
It failed to meet the requirements under laws of multiple states including New York, New Jersey, Connecticut, Nevada, Iowa, Arkansas, Florida and Pennsylvania.
"As we have seen in other data breaches, it’s crucial that companies provide clear and timely notifications to consumers so they can protect themselves from identity theft," said Iowa Attorney General Tom Miller.
Written by Ray Montgomery, US Editor
TravelMole Editorial Team
Editor for TravelMole North America and Asia pacific regions. Ray is a highly experienced (15+ years) skilled journalist and editor predominantly in travel, hospitality and lifestyle working with a huge number of major market-leading brands. He has also cover in-depth news, interviews and features in general business, finance, tech and geopolitical issues for a select few major news outlets and publishers.
Dozens fall ill in P&O Cruises ship outbreak
Turkish Airlines flight in emergency landing after pilot dies
BA suspending all Heathrow to Abu Dhabi flights
Unexpected wave rocks cruise ship
Woman dies after going overboard in English Channel