A data breach that affected the food and beverage outlets at certain Marriott, Holiday Inn, Sheraton and other hotel properties has exposed guests to potential theft. The breach occurred between March 20 and December 16 last year by “memory-parsing” malware that infects point-of-sale systems, including cash registers and credit-card swiping machines in checkout aisles.
A credit card data breach has been detected that exposed guests to theft at certain Marriott, Holiday Inn, Sheraton and other hotel properties, according to hotel management firm White Lodging Services Corp., Reuters reported.
The breach occurred at food and beverage outlets at 14 hotels, including some operated under the Westin, Renaissance and Radisson names, between March 20 and December 16 last year, Reuters reported.
White Lodging Services Corp. reported that information subject to potential theft by cyber criminals included names and numbers on consumers’ debit or credit cards, security codes and card expiration dates, Reuters reported.
Customers who used their cards at the affected outlets should review all statements from the time in question and consider placing fraud alerts on their credit files, White Lodging said.
White Lodging would not estimate how many card numbers might have been taken. Krebs on Security, the cybersecurity blog that first reported the breach on Friday, said thousands of accounts had been compromised.
The latest data breach comes after the FBI warned retailers last month to prepare for more cyber attacks after discovering about 20 hacking cases in the past year involving the same kind of malicious software used against Target Corp over the holiday shopping season, Reuters reported.
In a confidential, three-page report to retail companies, the FBI described the risks posed by “memory-parsing” malware that infects point-of-sale (POS) systems, which include cash registers and credit-card swiping machines in checkout aisles, Reuters reported.
Restaurants and lounges affected by the White Lodging breach were at hotels in Chicago; Austin, Texas; Richmond, Va.; Plantation, Fla.; Denver, Boulder and Broomfield, Colo.; Louisville, Ky.; Erie, Pa.; and Indianapolis and Merrillville, Ind., the company said.
White Lodging, which manages 169 hotels that include brands of Marriott International, Starwood Hotels and Resorts and InterContinental Hotels Group, said it planned to offer affected consumers one year of identity protection services, Reuters reported.
The company, based in Merrillville, Ind., said it notified federal authorities of the suspected breach and had begun a review of other properties it manages. A spokeswoman for White Lodging declined to comment to Reuters beyond the company’s statement.
Marriott said one of its franchise management companies had “unusual fraud patterns” with payment systems, according to a statement from spokesman Jeff Flaherty, adding that Marriott was working with the company in the probe, Reuters reported.
“Because the suspected breach did not impact any systems that Marriott owns or controls, we do not have additional information to provide,” Flaherty added.
Tell Us What You Think!
You must be logged in to post a comment.