Cyber Incident Victim: Noble House Hotels and Resorts
Date:
Sep 2016
Location:
United States of America
Summary
Noble House Hotels & Resorts experienced a payment card breach impacting two properties, Teton Mountain Lodge & Spa and Hotel Terra, following the discovery of suspicious activity by an external security firm. The compromise targeted magnetic stripe data, potentially exposing card numbers, expiration dates, CVV codes, and some cardholder names during a brief period before detection. The company confirmed no evidence of post-incident card misuse and notified all accessible affected guests, while offering reimbursement for documented fraudulent charges not covered by financial institutions. Remediation efforts included collaboration with the security firm to address vulnerabilities and enhance protective measures across its systems.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On September 6, 2016, Noble House Hotels & Resorts was alerted by an external computer security firm to potential suspicious activity within payment card systems at two properties: Teton Mountain Lodge & Spa and Hotel Terra. The security firm, engaged by Noble House to examine systems across its properties, confirmed a compromise window spanning September 5 to September 6, 2016. The breach exposed magnetic stripe data from payment cards, including card numbers, expiration dates, CVV codes, and in some cases, cardholder names. Noble House clarified that no payment card activity occurring after September 6 was affected. This marked another security incident for the chain, which had disclosed multiple breaches in 2015 and earlier in September 2016 prior to this discovery. The company did not disclose the number of potentially impacted guests but confirmed the breach was isolated to the two identified properties during the specified timeframe.
Noble House initiated notification procedures for all guests whose contact information was available, though acknowledged some potentially affected individuals could not be directly reached due to the nature of the incident. The company advised vigilance in monitoring payment card statements for unauthorized transactions and directed guests to contact their card-issuing banks immediately if fraud was suspected. Noble House offered reimbursement for reasonable, documented fraud-related costs that financial institutions declined to cover for cards used at the affected properties during the breach period. Remediation efforts included collaboration with the security firm to address vulnerabilities and enhance security measures across systems. A dedicated call center was established for guest inquiries, operating during Eastern Time business hours. Noble House expressed regret for the incident but did not disclose technical details regarding the breach mechanism, attacker origins, or forensic findings beyond the confirmed compromise dates and data types.