Sabre Hospitality Solutions is investigating a breach of its
SynXis Central Reservations system that allowed unauthorized access to payment
card information in "a subset of hotel reservations," according to an
SEC filing made by the company on Tuesday.
SynXis is a rate and inventory management system that serves
as a "switch" or go-between for hotel property systems and other
distribution channels, including global distribution systems and online travel
agencies. Reservation information that is typically accessible via a CRS includes
cardholder name, billing address and card number. Sabre has shut off the
unauthorized access and engaged third-party security expert Mandiant to conduct
an investigation.
The Sabre breach is just one data security incident
that has hit the hotel industry lately. InterContinental Hotels Group last
month disclosed that a 2016 payment card breach affected more than 1,100
properties in its system. Other companies to announce similar incidents include
Noble
House Hotels & Resorts, HEI
Hotels & Resorts, Kimpton
Hotels & Restaurants and Omni
Hotels & Resorts.