A data breach at 20 US hotels operated by HEI Hotels & Resorts for Starwood, Marriott, Hyatt and Intercontinental may have divulged payment card data from tens of thousands of food, drink and other transactions, HEI said on Sunday.
Advertisement
The security breach affected 20 properties, including some Marriott, Starwood, Sheraton and Westin hotels, at various times between March 1, 2015 and June 21, 2016 according to the hotel chain.
Shares of Marriott International (MAR) were higher in mid-morning trading today despite the Bethesda, MD-based hospitality company and other hotels operated by HEI Hotels & Resorts being breached by malware that may have leaked card payment data. You should contact your credit card company if you notice anything unusual on your past and future statements. The malware was able to scrape credit card details from hotel restaurants, spas, and lobby shops. The properties that were affected are listed here.
Customers may also visit www.heihotels.com/notice for additional information about the incident.
HEI said it discovered the malware in its system as it was performing an upgrade. We are pleased to report that the incident has now been contained and individuals can safely use payment cards at all of our properties. It has now been disabled and the upgraded system will be more secure, the company said.
As with any breach, consumers are not liable for fraudulent charges on their credit cards.
The number of people affected is hard to estimate, as many people used their credit cards a few times. The company will answer customer questions and provide them with more info via the following phone number: 888-849-1113. Some 8,000 transactions took place during this time and it’s likely that the company’s point-of-sale systems would have been compromised to steal customer data.
Advertisement
“Any business, regardless of size or vertical specialty, that processes payment data or offers free Wi-Fi to guests, is a lucrative breach target”.
