The Westin in Philadelphia was among the 20 hotels in 10 states and Washington D.C. hit with the hack.
Advertisement
A data breach at 20 USA hotels operated by HEI Hotels & Resorts for Starwood, Marriott, Hyatt and Intercontinental may have divulged payment card data from tens of thousands of food, drink and other transactions, HEI said on Sunday. Customers who stayed at the Hotel Chicago Downtown at 333 North Dearborn St. from December 26, 2015 through April 27, 2016 may be affected.
HEI apologised for incident saying that it has “mounted a thorough response to investigate and resolve this incident, bolster our data security, and support our customers”. At some properties, HEI said, data collection may have begun as early as March 2015 at hotel locations where people bought food or drinks.
The company has informed federal authorities and has installed a new payment processing system that is separate from other parts of its computer network. It disabled the malware and is in the process of reconfiguring various components of its network and payment systems to make them more secure.
Malware found on the company’s systems could have been used to steal data from customers using cards to pay at any point-of-sale terminals across the properties, the company said. The company said that malware has been removed, and it is safe to use credit cards at its locations. Customers who notice anything out of place should contact their credit or debit card issuer. First reported to the chain by its card processor, the incident has now been contained, according to the company.
HEI, which manages more than 50 properties across the USA, revealed a list of affected hotels in a statement on its site.
Equinox Resort Golf Resort & Spa in Manchester Village, Vt. About 8,000 transactions occurred during the affected period at the Hyatt Centric Santa Barbara hotel in California, and about 12,800 at the IHG Intercontinental in Tampa, Florida, Daly said.
Advertisement
Royal Palm South Beach Miami in Miami Beach, Fla.
