Strauss Borrelli PLLC, a leading data breach law firm, is investigating Resort Data Processing, Inc. (“RDP”) regarding its recent data breach. The RDP data breach involved sensitive personal information belonging to an undetermined number of individuals.
ABOUT RESORT DATA PROCESSING, INC.:
RDP is a resort property management software company based in Colorado. Founded in 1981, RDP offers a full-suite PMS system designed with solutions for individual management needs such as front desk, groups, housekeeping, maintenance, guest services, marketing, reporting, and more.2 Today, RDP develops, installs, and provides support for over 1000 customers worldwide, including vacation rentals, condo-hotels, resorts, hotels, timeshare/fractional properties, and private resident clubs.3 Headquartered in Avon, Colorado, RDP employs over 20 individuals.
WHAT HAPPENED?
Recently, RDP reported to the Attorney General of New Hampshire that it had experienced a data breach in which sensitive personal identifiable information in its care may have been accessed. According to the breach notice, RDP recently identified evidence that an unauthorized actor was able to use compromised vendor credentials to scrape information that was entered by individuals making internet reservations at a customer location.1 As a result, RDP launched an investigation to determine the nature of the incident.
Through its investigation, RDP confirmed that sensitive personal information in its systems may have been compromised between December 25, 2024, and January 22, 2025. As a result, RDP began a review of the data to determine what information had been impacted as well as identify the specific individuals affected. The exact type of personal information potentially exposed has not been made publicly available by RDP. However, according to state reporting guidelines, “personal information” can include the following types of information:
- Name
- Social Security number
- Driver’s license or other government identification number
- Account number, credit or debit card number, in combination with any required security code, access code, or password that would permit access to an individual’s financial account
On March 20, 2025, RDP began mailing data breach notification letters to impacted individuals. Based on the breach notice sent to New Hampshire residents, RDP is providing affected individuals with a list of the specific types of sensitive information impacted and complimentary credit monitoring services. A link to the form breach notification letters that RDP filed with the Attorney General of New Hampshire is below.
If you received a breach notification letter from Resort Data Processing, Inc.:
We would like to speak with you about your rights and potential legal remedies in response to this data breach. Please fill out the form, below, or contact us at 872.263.1100 or sam@straussborrelli.com.
