Resort Data Processing reports data breach
Learn More
Resort Data Processing (RDP), known for its property management software, has reported a cybersecurity incident. On August 21, 2023, the company became aware of a specific vulnerability in their system, a SQL injection flaw. This flaw granted unauthorized individuals the capability to reroute payment card details during ongoing transactions on the on-site Internet Reservation Module (IRM) servers managed by RDP for their clients.
Resort Data Processing implemented a security patch to address the vulnerability. Following this a comprehensive investigation confirmed that an unauthorized entity had successfully accessed sensitive and confidential data. This data belonged to certain guests who had chosen to stay at various resort establishments affiliated with RDP. Some of the impacted resorts include:
- Alta’s Rustler Lodge
- Bluefin Bay Resort
- Campland on the Bay
- Dover House Condominium Association Timeshare Resort and Vacation Rental
- Silver Cloud Hotel – Tacoma Waterfront
- Silver Cloud Hotel Seattle – Lake Union
- Silver Cloud Hotel Seattle – University District
- Silver Cloud Hotel Tacoma at Point Ruston Waterfront
- Sunrise Beach Villas
- The Flanders Hotel
- The Mountain Club on Loon Resort & Spa
- Villas By The Sea Resort & Conference Center
No details are disclosed about the number of affected individuals.
By October 27, 2023, Resort Data Processing took the necessary steps to inform the affected parties. They dispatched data breach notification letters to individuals whose personal information had potentially been compromised.
