HEI says malware put in at least 20 hotels may have collected names, credit card account numbers, card expiration dates and verification codes – possibly from early December through late June. A full list of the affected hotels can be found here.
Advertisement
A hotel operator responsible for several high-profile hotels across the US says it discovered a breach of its payment processing systems that may impact hotels in several states and The District of Columbia.
The number of customers affected is hard to calculate because they might have used their cards multiple times, Daly said.
As many as 20 hotels in the USA have been hit by malware, and fears are spreading that customer data, including credit card information, was stolen. The company tapped outside experts to aid in its investigation; it also switched its card processing over to a standalone system and, of course, disabled the malware.
In a notice to customers, HEI said those who used credit cards at “point-of-sale terminals at the affected properties” may have had their information compromised.
Twenty hotels belonging to the HEI Hotels and Resorts group have been hit by point of sale (PoS) malware, highlighting the need for security standards in the industry.
The systems were infected with malware between March 1st, 2015 to June 21st, 2016.
HEI has since contained the malware and is now urging “customers to remain vigilant and continue to monitor statements for unusual activity going forward”. An investigation is underway as the company works with law enforcement, banks, and payment card companies to determine exactly what happened.
Most banks and credit card companies will give unauthorized charges back, but you may need to contact the police. The company will answer customer questions and provide them with more info via the following phone number: 888-849-1113.
Advertisement
The hotel company says the security issue has been addressed and it’s safe for customers to use their cards at affected hotels.
