x
Breaking News
More () »

Florida Attorney General: State to receive $118K following hotel booking data breach investigation

Data from about 1.3 million credit cards across the country was exposed during the 2017 breach.
Credit: Getty Images/iStockphoto
Stock photo

TALLAHASSEE, Fla — Florida is set to receive $118,644 and "injunctive relief" following the conclusion of an investigation into the data breach of a hotel company's booking system, state Attorney General Ashley Moody announced Wednesday.

The money is part of a $2.4 million agreement with Sabre Corporation and includes 27 states, of which Florida is one. According to the attorney general's office, the 2017 data breach exposed 1.3 million credit cards across the country. Sabre Hospitality Solutions provides booking systems to hotels throughout the country.

The attorney general's office says Sabre Corporation informed hotels of the data breach on June 6, 2017. The breach happened between August 2016 and March 2017. 

However, while hotels served by Sabre were told in 2017, the attorney general's office says some hotel guests weren't notified until 2018, and some even got multiple notices at the same time that came from the same breach. 

“Holding companies accountable for the protection of Floridians’ personal information continues to be an important focus for my office," Attorney General Ashley Moody wrote in a statement. "This agreement should serve as another important reminder to businesses that personal information must be treated with high levels of care required by law in Florida.” 

The attorney general's office says the agreement requires Sabre Corporation to:

  • Include language in future contracts that specifies the roles and responsibilities of both parties in the event of a breach;
  • Determine whether its customers provide timely and adequate notice of a breach to their consumers, and provide attorneys general a list of all the customers that it has notified;
  • Implement and maintain a comprehensive information security program;
  • Establish a written incident response and data breach notification plan; and
  • Implement specific security requirements and undergo a third-party security assessment.

RELATED: Polk Sheriff: 8 people charged in statewide retail theft, illegal re-sale scheme

RELATED: Sheriff: Men arrested for 'major' organized retail crime, accused of stealing about $3.6 million from stores

What other people are reading right now:

►Breaking news and weather alerts: Get the free 10 Tampa Bay app

Stay In the Know! Sign up now for the Brightside Blend Newsletter

Before You Leave, Check This Out