Connect with us

Hi, what are you looking for?

Florida News

Ashley Moody Concludes Data Breach Investigation of Sabre Hospitality Solutions

The breach exposed the data of approximately 1.3 million credit cards.

The breach exposed the data of approximately 1.3 million credit cards.

Last week, Florida Attorney General Ashley Moody, along with attorneys general from 26 other states, concluded an investigation into the 2017 data breach of Sabre Hospitality Solutions’ hotel booking system. The breach exposed the data of approximately 1.3 million credit cards. The attorneys general reached a $2.4 million agreement with Sabre Corporation, of which the state of Florida will receive $118,644 and injunctive relief.

Sabre Hospitality Solutions, a business segment of Sabre Corporation, operates the SynXis Central Reservation system that facilitates the booking of hotel reservations. SynXis connects business travel coordinators, travel agencies and online travel booking companies to Sabre Corporation’s hotel customers. On June 6, 2017, Sabre Corporation informed its hotel customers of a data breach that occurred between August 2016 and March 2017, which the business disclosed in a 10-Q Securities and Exchange Commission filing the month before. Hotels provided notice to consumers, resulting in some notices being issued as late as 2018 and some consumers receiving multiple notices stemming from the same breach.

“Holding companies accountable for the protection of Floridians’ personal information continues to be an important focus for my office. This agreement should serve as another important reminder to businesses that personal information must be treated with high levels of care required by law in Florida,” Moody said.

The agreement requires Sabre Corporation to:

  • Include language in future contracts that specifies the roles and responsibilities of both parties in the event of a breach;
  • Determine whether its customers provide timely and adequate notice of a breach to their consumers, and provide attorneys general a list of all the customers that it has notified;
  • Implement and maintain a comprehensive information security program;
  • Establish a written incident response and data breach notification plan; and
  • Implement specific security requirements and undergo a third-party security assessment.

In addition to Florida, represented by Consumer Protection Division senior assistant attorney general Gregory Sadowski, the multistate group includes: Alaska, Arizona, Arkansas, Connecticut, Hawaii, Illinois, Indiana, Iowa, Louisiana, Michigan, Minnesota, Missouri, Montana, Nebraska, Nevada, New Jersey, New York, North Carolina, North Dakota, Ohio, Oregon, Pennsylvania, Tennessee, Vermont, Virginia and Washington.

 

Author

  • Florida Daily offers news, insights and analysis as we cover the most important issues in the state, from education, to business and politics.

    View all posts

Archives

Related Stories

Trending News

TALLAHASSEE, Fla. – Florida Attorney General Ashley Moody announced that the state’s Office of Statewide Prosecution charged a woman suspected of committing dozens of...

Florida News

Florida Attorney General Ashley Moody sent warnings to voice service providers in response to robocalls flooding Floridians with unsolicited calls. Below is an official...

Florida News

TALLAHASSEE, Fla.—Attorney General Ashley Moody is issuing tips for Floridians to avoid charity fraud on Giving Tuesday. Giving Tuesday is a popular time for...