Outside experts investigated the breach and determined that hackers might have stolen customer names, account numbers, payment card expiration dates and verification codes.
Advertisement
Twenty hotels in several US states have been attacked by hackers with malware collecting card data on the systems of HEI Hotels & Resorts, which is operating Marriott, Starwood, Sheraton and Westin, The USA Today reports on Monday.
The data breach occurred at various locations from March 2015 to late June 2016. “We believe that the malware may have accessed payment card information in real-time as it was being inputted into our systems”, the company said. “If they see anything they do not understand or that looks suspicious, or if they suspect that any fraudulent transactions have taken place, customers should immediately notify the issuer of the credit or debit card”. According to a statement on HEI’s website, the malware affected point-of-sale (POS) terminals at the affected properties, but online booking and other online transactions were not affected.
HEI in Norwalk, Connecticut, did not specify how many people were likely to have been affected.
The company added: “HEI was recently alerted to a potential security incident by its card processor”. The properties that were affected are listed here.
HEI estimated that an average of around 10,000 transactions occurred during the period in question at some of the hotels, suggesting a total of roughly 200,000 transactions were affected, but said it was hard to estimate how many customers might have been involved as some may have carried out multiple transactions. HEI says they are working with law enforcement and financial institutions to address the breach. Hyatt Hotels, Target, Starwood Hotels & Resorts Worldwide and Hilton Worldwide Holdings, Neiman Marcus have also reported data breaches through their point-of-sale systems.
HEI apologized to customers for any concerns or frustrations caused by this incident.
Shares of Hyatt and Starwood Hotels were up in mid-morning trading today.
For more information, customers can contact HEI Hotels at 888-849-1113.
Advertisement
HEI said that once it found out about the problem it transitioned payment card processing to a stand-alone system that’s completely separate from the rest of its network.
