Major hotel operator HEI Hotels and Resorts reported on Monday that 20 U.S. hotels it runs have suffered a major data breach that may have divulged customer bank card data.
Advertisement
A data breach at 20 hotels across the country, including Starwood, Marriott and Hyatt resorts, could have leaked credit card information for customers who bought food and drinks at those locations, HEI Hotels and Resorts announced.
Boca Raton Marriott at Boca Center, 5150 Town Center Circle, Boca Raton, from March 1, 2015 to June 7, 2015, and December 15, 2015 to April 11, 2016. At some properties, HEI said, data collection may have begun as early as March 2015.
It was discovered in June on payment systems used by hotel facilities such as restaurants, bars, spas, and lobby shops, HEI spokesperson Chris Daly told Reuters.
Several hotels may have been the victims of a data breach.
In total, the breach impacted 12 Starwood hotels, six Marriott International hotels, one Hyatt hotel, and one InterContinental Hotels Group property.
You can see a list of affected properties here.
Cybercriminals who manage to nab credit card data often try to sell it via illicit hacking forums, with buyers hoping to use it for online shopping sprees or to withdraw money from bank accounts. “In addition, we have disabled the malware and are in the process of re configuring various components of our network and payment systems to enhance the security of these systems”, HEI said in a notice to customers.
The number of affected customers is hard to calculate because they used their cards multiple times.
In a statement, HEI said the breach has now been contained and the company plans to bolster its data security to lessen the risk of such cyberattacks taking place again. The number of people affected had not been disclosed. If so, you could be among those whose personal information has been swiped by hackers who penetrated the company’s point-of-sale systems.
For more information, customers can contact HEI Hotels at 888-849-1113.
Advertisement
Both credit cards and debit cards typically come with a zero-liability policy, meant to protect consumers from fraudulent and unauthorized charges.
