The Organization was notified that an unauthorized party obtained access to information associated with payment cards used to book hotel reservations through a central hotel reservation system (CRS) subcontracted by the Organization?s travel partner, American Express. The Organization understands from the subcontracted service provider that the attacker obtained access to account credentials that permitted access to a subset of hotel reservations processed through the CRS. The unauthorized access took place between August 10, 2016 and March 9, 2017.

File Type: pdf
File Size: 329 KB
Categories: 2017