Sabre Says Stolen Credentials Led to Breach

Travel Giant Declined to Release Number of Victims

Travel industry giant Sabre said Wednesday an intruder using stolen account credentials for its widely used reservations software had access to payment card details and personal information over a seven-month period. But it declined to say how many people are affected.

Sabre, which is based in Southlake, Texas, disclosed in early May a suspected breach affecting its SynXis Central Reservations system. The software-as-a-service system is used by travel agencies, hotels and booking services for such functions as rate and inventory management (see Sabre Warns Hotels: Card Data Potentially Compromised).

The exposure period started in August 2016 and ran through March. The information at risk includes payment cardholder names, card numbers and expiration dates, Sabre says.

For some reservations, the three-digit security code on the reverse of the card was exposed, but a “large percentage” of bookings were made without the code, the company says. Some bookings were made using virtual payment card numbers, it adds.

Guest names, phone numbers, addresses and other information were at risk, but not Social Security, driver’s license or passport numbers, according to Sabre.

“Our investigation did not uncover forensic evidence that the unauthorized party removed any information from the system, but it is a possibility,” Sabre says. In May, the company said FireEye’s Mandiant investigations unit assisted with the investigation.

Continue reading…

Source: Bank Info Security