Two Roads Hospitality LLC

On July 14, 2017, the California Office of the Attorney General disclosed a data breach affecting **Two Roads Hospitality LLC**, stemming from unauthorized access to **Sabre Hospitality Solutions**—a third-party reservation and payment processing system. The breach, which began on **August 10, 2016**, and persisted until **March 9, 2017**, involved the compromise of **payment card and reservation information** of an undisclosed number of individuals. While the exact scope of the exposed data (e.g., names, card numbers, or reservation details) was not specified, the incident highlighted vulnerabilities in third-party vendor systems handling sensitive customer financial data. The prolonged exposure period increased the risk of fraudulent transactions or misuse of payment details. The breach underscored the critical need for robust monitoring and access controls within hospitality industry supply chains, where third-party providers often manage high volumes of transactional and personal data. No ransomware or direct operational disruption was reported, but the incident posed significant reputational and financial risks for both Two Roads Hospitality and its affected customers.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-100306

TPRM report: https://www.rankiteo.com/company/sabre-hospitality-solutions

"id": "sab559091725",
"linkid": "sabre-hospitality-solutions",
"type": "Breach",
"date": "8/2016",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'industry': 'Hospitality',
                        'name': 'Two Roads Hospitality LLC',
                        'type': 'Company'},
                       {'industry': 'Travel Technology',
                        'name': 'Sabre Hospitality Solutions',
                        'type': 'Service Provider'}],
 'data_breach': {'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['payment card information',
                                              'reservation information']},
 'date_publicly_disclosed': '2017-07-14',
 'description': 'The California Office of the Attorney General reported that '
                'Two Roads Hospitality LLC experienced a data breach involving '
                'unauthorized access to payment card and reservation '
                'information at Sabre Hospitality Solutions. The breach '
                'occurred on August 10, 2016, and was last accessed on March '
                '9, 2017. The number of individuals affected and specific '
                'types of information compromised were not disclosed '
                'explicitly.',
 'impact': {'data_compromised': ['payment card information',
                                 'reservation information'],
            'payment_information_risk': 'Yes'},
 'references': [{'date_accessed': '2017-07-14',
                 'source': 'California Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': 'California Office of '
                                                       'the Attorney General'},
 'title': 'Data Breach at Two Roads Hospitality LLC via Sabre Hospitality '
          'Solutions',
 'type': 'Data Breach'}

Two Roads Hospitality LLC

COMCAST CABLE COMMUNICATIONS MANAGEMENT, LLC: FCC fines Comcast $1.5 million for data breach exposing client PII

Princeton University Press: Princeton University sued over data breach exposing alumni, donor information

Top Road: OpenAI sees API data breach via Mixpanel hack