Thayer Hotel Data Breach Affected Over 30,000 Individuals

Thayer Hotel reported that in September, cyber criminals infiltrated its internal systems, compromising and gaining access to the personal information of both staff and guests.

 

Hudson River Partners, doing business as the Thayer Hotel, a historic luxury landmark at West Point, New York, overlooks the Hudson River from its hilltop setting. Established in 1926, it offers elegant accommodations, fine dining, and versatile event spaces, all set against a backdrop of rich history and breathtaking river views.

 

In a data security incident notice filed with the Office of Maine Attorney General, Thayer Hotel said that on September 19, it identified unauthorised access within its internal network. The hotel authorities immediately launched an investigation, with assistance from external cyber security experts, to determine the nature and scope of the incident.

 

It also took steps to secure the affected systems and notified relevant law enforcement authorities about the same.

 

“The investigation was complex and time-consuming. On or about October 17, 2025, we were able to preliminarily determine the names of individuals residing in the United States whose information was impacted and the location of those individuals. The investigation was completed for individuals residing in the United States on October 17, 2025,” Thayer Hotel said.

 

The compromised data included names, Social Security numbers, driver’s license numbers, passport numbers, dates of birth, and state identification card numbers. The filing with the Maine state regulator’s office also states that the hotel authorities have identified at least 33,053 individuals affected by the incident.

 

Thayer Hotel has advised all affected individuals to regularly monitor their credit reports, account and benefit statements and report any suspicious activity to law enforcement authorities, including the police and the state attorney general. 

 

It has also offered one year of complimentary identity protection and credit monitoring services through Kroll to all affected individuals.

 

At the time of publishing, no known hacker group claimed responsibility for the cyber attack on Thayer Hotel. The hotel authorities also did not share details on who was behind the attack, how much data was compromised, or whether it has received a ransom demand.