Loews Hotels also added to data leak list.
Two more hotel chains are warning customers they were caught by the breach of Sabre’s “SynXis” hotel booking service that emerged earlier this year.
Last Thursday, the Hard Rock chain warned that customers of 11 of its properties may have been caught up in the breach.
According to Hard Rock’s confession, Sabre advised it the system breach ran from August 2016 to March 2017.
Hard Rock properties in Biloxi, Cancun, Chicago, Goa, Las Vegas, Palm Springs, Panama, Punta Cana, Rivera Maya, San Diego and Vallarta used the system.
Hard Rock was hit by carders in 2015, but that breach only affected its Las Vegas hotel and casino.
NBC Philadelphia reports high-polish hotel chain Loews Hotels was also stung.
Last week, Sabre issued a canned statement with the not-entirely-reassuring detail that the attackers only got full card information (customer, card number and security number) for some holiday-makers: “a large percentage of bookings were made without a security code being provided. Others were processed using virtual card numbers in lieu of consumer credit cards”.
Further: “Personal information such as social security, passport or driver’s license number was not accessed”. The company has created a consumer information site for Americans who think their data may have been accessed.
Back in May, Sabre revealed its SynXis hotel booking management system was compromised, and at the end of June, Google told employees to watch out for suspicious activity on their cards, because one of its travel agencies, Carlson Wagonlit Travel, was potentially exposed to the SynXis breach.