A data breach at 20 US hotels operated by HEI Hotels & Resorts for Starwood, Marriott, Hyatt and Intercontinental may have divulged payment card data from tens of thousands of food, drink and other transactions, HEI said on Sunday.
Advertisement
On Monday, HEI Hotels and Resorts, which operates a number of high-end locations for the likes of Starwood, Marriott, Hyatt, and Intercontinental, said a data breach had hit 20 of its hotels in the U.S.
The malware, created to capture payment card data in transit as it is routed between systems, was discovered and ultimately eliminated on June 21 after a card processing company alerted HEI of suspicious activity; however, the earliest incidents are known to date as far back as March 1, 2015.
Customers may visit a special web site for additional information about the incident. HEI Hotels stresses that all of the payment card processing systems at its hotel properties are safe to use. Most recently, Kimpton Hotels & Restaurants and Omni Hotels & Resorts both reported credit card data breaches. A full list of all affected properties has been made available by HEI Hotels and Resorts on its website.
Retailers and other companies that deal with large numbers of credit cards have become popular targets for hackers.
If you stayed at one of the affected hotels, you should check your credit card statements for suspicious activity. However, there were some 8,000 transactions at the Hyatt Centric Santa Barbara hotel in California, as well as 12,800 at the IHG Intercontinental in Tampa, Florida, during this period.
Two Minneapolis hotels are among the 20 properties nationwide whose point-of-sale terminals were part of a security breach that lasted for more than a year.
The chain said it would not be contacting customers it thinks could be affected as it does “not collect or maintain sufficient information to locate and contact potentially affected customers”.
We take this matter and the security of personal information very seriously and we will continue to review and enhance our security measures to further secure our systems.
Advertisement
It said it would cooperate with investigations by federal law enforcement.
