Kimpton Hotels & Restaurants announced that customer reservation information might have been accessed without authorization through a Sabre reservation system breach between 10 August 2016 and 9 March 2017.
SAN FRANCISCO, July 17, 2017 — To provide further awareness regarding the data security incident previously reported by Sabre, Kimpton Hotels & Restaurants ("Kimpton") is notifying guests and advising them of ways to protect their payment card information. Sabre is a third-party vendor that facilitates the booking of hotel reservations made by consumers through hotels, online travel agencies, and similar booking services.
The unlawful access into Sabre's Hospitality Solutions SynXis Central Reservations system may have affected personal information of consumers who made reservations at numerous hotels, including Kimpton. The data security incident did not occur on, nor did it affect, Kimpton's systems nor the systems of its parent company, IHG.
Upon discovering the incident, Sabre engaged a digital forensics firm to conduct an investigation. On June 6, 2017, the digital forensics firm confirmed that certain reservation information within the Sabre system, including that of Kimpton customers, was accessed without authorization. Sabre advised that certain reservation information may have been accessed between August 10, 2016 and March 9, 2017.
Kimpton encourages customers to carefully review and monitor their payment card account statements. If a customer believes his or her payment card may have been affected, the customer should immediately contact their bank or card issuer. Kimpton confirmed that Sabre notified payment card networks so that they can coordinate with card issuing banks to monitor for fraudulent activity on cards used during the timeframe in which cards may have been compromised.
For more information regarding the data security incident, visit www.sabreconsumernotice.com or call 888-721-6305.