On June 6, 2017, the Organization was notified by its service provider that an unauthorized party gained access to account credentials that permitted access to payment card data and certain reservation information for some hotel reservations processed through the service provider?s Central Reservations System (“CRS”). The unauthorized party was able to access payment card information for some hotel reservations at affected properties. The service provider?s investigation found that the unauthorized party first obtained access to payment card and other reservation information on August 29, 2016. The last access to this information was on March 9, 2017.
File Type: pdf