Hard Rock Hotels & Casinos alongside Loews Hotels have issued warnings to their customers: there was a data security breach that may have resulted in the theft of their information.
There appears to be a common denominator, namely SynXis, a third-party reservation platform. Regretfully, they only started notifying their client hotels in June, which is months after the attacks took place.
According to the Hard Rock hotel chain, the unauthorised access to payment card details and other reservation information happened on August 10th last year. The information was last accessed on March 9th, 2017.
The Hard Rock hotel chain is currently composed of 176 cafes, 24 hotels, and 11 casinos. They are known for covering their walls with rock and roll memorabilia, which sets them apart from their competitors. Their assets are scattered throughout 11 countries.
The following properties were all affected by the breach:
– Rivera Maya
– San Diego
– Punta Cana
– Panama Megapolis
– Palm Springs
– Las Vegas
Moreover, the data stored by SynXis was not encrypted, so the attacker was able to access the following types of data:
– Cardholder names
– Card numbers
– Expiration dates
In certain cases, the following was also exposed:
– Email addresses
– Street addresses
– Guest names
– Phone numbers
– Security codes
According to NBC, Loews was also affected by the same security failure, and the perpetrator got away with credit card and security code information, as well as passwords.
Although the unauthorised access has been stopped, the damage remains.