CHICAGO – Attorney General Kwame Raoul, along with a coalition of 27 attorneys general, today announced a $2.4 million settlement with Sabre Corp. resolving a multistate investigation into the 2017 data breach of Sabre Hospitality Solutions’ hotel booking system. The breach exposed the data of approximately 1.3 million credit cards.

Subscribe Now to Breaking News

“By not having appropriate information security measures or plans in place for responding to a data breach, Sabre left information belonging to millions of consumers vulnerable,” Raoul said. “Today’s settlement holds Sabre accountable and, more importantly, takes steps to safeguard against a future breach and better protects consumers.”

Sabre Hospitality Solutions (Sabre), a business segment of Sabre Corp., operates the SynXis Central Reservation system, which allows business travel coordinators, travel agencies, and online travel booking companies to make reservations with hotels or hotel brands. In June 2017, Sabre informed its hotel customers of a data breach that had occurred between August 2016 and March 2017. Hotels were left to notify their customers of the breach, resulting in some notices being issued as late as 2018, and some consumers receiving multiple notices.

Article continues after sponsor message

Most Popular: Pritzker Administration Awards Over $4.2 Million in Grants Providing Electric School Buses in Madison County, Others

Under the settlement, Sabre agrees to implement and maintain a comprehensive information security program, a written incident response and data breach notification plan, specific security requirements, and undergo a third-party security assessment. In addition, Sabre’s future contracts will include language to specify the roles and responsibilities of both Sabre and its hotel customers in the event of a breach. Today’s settlement also requires Sabre to determine whether its hotel customers have notified consumers of the breach, and to provide Raoul and the coalition a list of all the customers Sabre has notified. According to the settlement, Sabre will pay the states $2.4 million.

Privacy Unit Chief Matt Van Hise, Consumer Fraud Bureau Chief Beth Blackston, and Assistant Attorneys General Carolyn Friedman and Ronak Shah handled the settlement for Raoul's Consumer Fraud Bureau.

Joining Raoul in this settlement are the attorneys general of Alaska, Arizona, Arkansas, Connecticut, Florida, Hawaii, Indiana, Iowa, Louisiana, Michigan, Minnesota, Missouri, Montana, Nebraska, Nevada, New Jersey, New York, North Carolina, North Dakota, Ohio, Oregon, Pennsylvania, Tennessee, Vermont, Virginia and Washington.

Read More:

Sep 30, 2020 | Attorney General Raoul Announces $39.5 Million Settlement With Anthem Over 2014 Data Breach Sep 30, 2020

Nov 24, 2020 | Attorney General Raoul Announces $17.5 Million Settlement With The Home Depot Over 2014 Data Breach Nov 24, 2020

Oct 9, 2020 | Attorney General Raoul Announces $5 Million Settlement With Community Health Systems For Data Breach Oct 9, 2020

Nov 5, 2021 | Attorney General Raoul Announces Settlement With Companies Over Predatory Payday Loans Nov 5, 2021

"Styx - Renegade" now playing on The Eagle, the Riverbend's only Classic Rock station. Check out Riverbender Radio Today and Listen to Win!