Home Objective News Today Thousands of Hotel Guests' Data May Have Been Hacked

Thousands of Hotel Guests' Data May Have Been Hacked

245

A data breach at 20 U.S. hotels operated by HEI Hotels & Resorts for Starwood, Marriott, Hyatt and Intercontinental may have divulged payment card data from tens of thousands of food, drink and other transactions, HEI said on Sunday.

The breach follows similar attacks at Hyatt Hotels and Starwood Hotels & Resorts in recent months.

The Westin Lombard Yorktown Center is pictured in Lombard, Illinois


The Westin Lombard Yorktown Center is pictured in Lombard, Illinois

The Westin Lombard Yorktown Center, a hotel of the Starwood chain, is pictured in Lombard, Illinois July 24, 2008. REUTERS/Jeff Haynes

Norwalk, Connecticut-based HEI, which is privately held, said malware designed to collect card data was found on HEI’s systems.

The malware was discovered in early to mid-June on payment systems used at restaurants, bars, spas, lobby shops and other facilities at the properties, Chris Daly, a spokesman for HEI, said in emails and phone calls.

The number of customers affected is difficult to calculate because they might have used their cards multiple times, Daly said. About 8,000 transactions occurred during the affected period at the Hyatt Centric Santa Barbara hotel in California, and about 12,800 at the IHG Intercontinental in Tampa, Florida, Daly said.

The malware affected 12 Starwood hotels, six Marriott International properties, one Hyatt hotel and one InterContinental hotel. It was active from March 1, 2015 to June 21, 2016, with 14 of the hotels affected after Dec. 2, 2015, HEI said on its website.

Marriott and IHG declined to comment. Representatives from the other hotel groups did not respond to requests for comment.

HEI said outside experts investigated the breach and determined that hackers might have stolen customer names, account numbers, payment card expiration dates and verification codes. The hackers did not appear to have gained PIN codes, since those are not collected by its system, it added.

The company has informed federal authorities and has installed a new payment processing system that is separate from other parts of its computer network.

Among the properties affected were Starwood’s Westin hotels in Minneapolis; Pasadena, California; Philadelphia; Snowmass, Colorado; Washington, D.C.; and Fort Lauderdale, Florida. Also affected were Starwood properties in Arlington, Virginia; Manchester Village, Vermont; San Francisco; Miami; and Nashville, Tennessee.

The Marriott properties affected were in Boca Raton, Florida; Dallas-Fort Worth, Texas; Chicago; San Diego, California; and Minneapolis.

Source

LEAVE A REPLY

Please enter your comment!
Please enter your name here