About 8,000 transactions took place in the period the systems were affected, which was between March 1, 2015 and June 21, 2016.
Advertisement
The dozen affected hotels are run by HEI Hotels & Resorts and bear the Starwood, Westin, Marriott International, Hyatt and InterContinental brands.
The malware, created to capture payment card data in transit as it is routed between systems, was discovered and ultimately eliminated on June 21 after a card processing company alerted HEI of suspicious activity; however, the earliest incidents are known to date as far back as March 1, 2015.
“We are treating this matter as a top priority, and took steps to address and contain this incident promptly after it was discovered”, HEI said in a press release.
Among hotel chains, Hilton Worldwide, Trump Hotel Collection and Starwood Hotels & Resorts have all confirmed payment-system breaches within the past year or so.
“We urge customers to remain vigilant and continue to monitor statements for unusual activity going forward”, HEI says.
According to Reuters, card data from tens of thousands of transactions could be at risk; HEI is still working out how many individual customers might have their names, card numbers, card expiry dates, and CCV numbers compromised.
HEI spokesman Chris Daly said the company is working with credit card processors to obtain the exact number of unique card holders impacted. If you notice anything from the hotel that doesn’t look right to you, contact your bank or credit card company. As a result, many thieves have moved on to target more lucrative information such as health care data.
The number of affected customers is hard to calculate because they used their cards multiple times.
Equinox Resort Golf Resort & Spa in Manchester Village, Vt. You can reach this call center by dialing 888-849-1113 between 9:00 a.m. and 9:00 p.m. The company said the malware has been removed and it is safe for customers to use credit cards at the properties.
Advertisement
The payment system has been reconfigured to enhance security in an attempt to prevent a future hack. Such high-profile hacks have encouraged retail industries in the U.S. to phase magnetic stripe cards out in favor of chip-based credit and debit cards, although rollout of the new system has been spotty as vendors are slow to buy the new terminals to read the chip cards.
