The Thayer Hotel

The Thayer Hotel, located at the United States Military Academy (West Point), suffered a cybersecurity breach exposing the **personally identifiable information (PII)** of **33,053 individuals**, including military personnel and their families. Unauthorized access occurred on **September 19, 2025**, with attackers extracting **names, driver’s license numbers, passport numbers, dates of birth, and state ID card numbers**, while a small subset had **Social Security numbers (SSNs) compromised**.

The breach poses severe risks, including **identity theft, account takeovers, and targeted phishing**, particularly dangerous given the victim demographic (military-affiliated individuals). The hotel engaged **third-party forensic experts**, notified regulators, and offered **12 months of identity-theft protection and credit monitoring** via Kroll Security. Guests were advised to implement **fraud alerts or credit freezes**.

The incident underscores vulnerabilities in **hospitality venues near military installations**, where sensitive credentials are routinely collected, emphasizing the need for **real-time monitoring, third-party risk management, and tailored incident-response protocols** for high-risk populations.

Source: https://dailysecurityreview.com/cyber-security/data-breach-at-thayer-hotel-west-point-exposes-over-33000-guest-records/

15 Abel cybersecurity rating report: https://www.rankiteo.com/company/15abel

"id": "15a5692656111125",
"linkid": "15abel",
"type": "Breach",
"date": "9/2025",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
{'affected_entities': [{'customers_affected': '33,053 individuals',
                        'industry': 'hotel and lodging',
                        'location': 'West Point, New York, USA (on the grounds '
                                    'of the United States Military Academy)',
                        'name': 'The Thayer Hotel',
                        'type': 'hospitality'}],
 'customer_advisories': ['Encouraged to place fraud alerts or credit freezes '
                         'with credit bureaus.',
                         'Advised to review credit reports for suspicious '
                         'activity.',
                         'Offered 12 months of identity-theft protection and '
                         'credit-monitoring services (Kroll Security).'],
 'data_breach': {'data_exfiltration': 'Likely (based on exposure of PII)',
                 'number_of_records_exposed': '33,053',
                 'personally_identifiable_information': ['names',
                                                         'driver’s licence '
                                                         'numbers',
                                                         'passport numbers',
                                                         'dates of birth',
                                                         'state identification '
                                                         'card numbers',
                                                         'Social Security '
                                                         'numbers (small '
                                                         'subset)'],
                 'sensitivity_of_data': 'High (includes military personnel and '
                                        'family PII, risk of identity '
                                        'theft/phishing)',
                 'type_of_data_compromised': ['personally identifiable '
                                              'information (PII)',
                                              'government-issued '
                                              'identification documents']},
 'date_detected': '2025-09-19',
 'date_publicly_disclosed': '2025-10-31',
 'description': 'The Thayer Hotel, located on the grounds of the United States '
                'Military Academy at West Point, disclosed a cybersecurity '
                'incident exposing the personally identifiable information '
                '(PII) of approximately 33,053 individuals, including military '
                'personnel and their families. Attackers accessed names, '
                'driver’s licence numbers, passport numbers, dates of birth, '
                'state identification card numbers, and, in a small number of '
                'cases, Social Security numbers. The breach poses heightened '
                'risks for identity theft, account takeover, and targeted '
                'phishing campaigns due to the sensitive nature of the '
                'affected population.',
 'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
                                       'exposure of military-affiliated PII',
            'data_compromised': ['names',
                                 'driver’s licence numbers',
                                 'passport numbers',
                                 'dates of birth',
                                 'state identification card numbers',
                                 'Social Security numbers (small subset)'],
            'downtime': 'several days (system access restoration)',
            'identity_theft_risk': 'High (due to exposure of government-issued '
                                   'IDs and PII of military personnel)',
            'operational_impact': 'Entire IT staff occupied for several days; '
                                  'third-party forensic investigation required',
            'systems_affected': ['computer systems']},
 'initial_access_broker': {'high_value_targets': ['military personnel PII',
                                                  'government-issued '
                                                  'identification documents']},
 'investigation_status': 'Completed (with third-party forensic assistance)',
 'lessons_learned': ['Hospitality venues near military installations face '
                     'elevated risks due to collection of sensitive identity '
                     'credentials.',
                     'Need for rigorous third-party risk management and '
                     'real-time monitoring of privileged access.',
                     'Incident-response preparedness must be tailored to '
                     'populations with elevated protection requirements (e.g., '
                     'military personnel).',
                     'Even well-resourced venues can suffer materially '
                     'impactful breaches.'],
 'post_incident_analysis': {'corrective_actions': ['Retained external '
                                                   'cybersecurity and forensic '
                                                   'experts for investigation.',
                                                   'Implemented identity '
                                                   'protection services for '
                                                   'affected individuals.',
                                                   'Likely review of '
                                                   'third-party risk '
                                                   'management and access '
                                                   'controls (inferred from '
                                                   'lessons learned).']},
 'recommendations': ['Implement enhanced monitoring for privileged access and '
                     'third-party vendors.',
                     'Develop specialized incident response plans for '
                     'high-risk populations (e.g., military-affiliated '
                     'guests).',
                     'Offer proactive identity protection services (e.g., '
                     'credit monitoring, fraud alerts) to affected '
                     'individuals.',
                     'Conduct regular security audits and penetration testing, '
                     'particularly for systems handling government-issued '
                     'IDs.'],
 'references': [{'source': 'California Attorney General (oag.ca.gov)'},
                {'source': 'PR Newswire'}],
 'regulatory_compliance': {'regulatory_notifications': True},
 'response': {'communication_strategy': ['public disclosure via PR Newswire',
                                         'direct notification to affected '
                                         'individuals',
                                         'regulatory notifications'],
              'containment_measures': ['system access restoration',
                                       'environment securing'],
              'incident_response_plan_activated': True,
              'recovery_measures': ['notification letters to affected '
                                    'individuals (sent starting 2025-10-31)'],
              'third_party_assistance': ['cybersecurity professionals',
                                         'forensic specialists']},
 'stakeholder_advisories': ['Notification letters to affected individuals '
                            '(sent starting 2025-10-31).',
                            'Offer of 12 months of complimentary '
                            'identity-theft protection and credit-monitoring '
                            'services via Kroll Security.',
                            'Advisory to place fraud alerts/credit freezes and '
                            'review credit reports.'],
 'title': 'Cybersecurity Incident at The Thayer Hotel Affecting 33,053 '
          'Individuals',
 'type': ['data breach', 'unauthorized access']}