Hilton and Starwood this week acknowledged they have been hacked following last month’s breach discovery by Trump Hotels and one earlier this year by Mandarin Oriental.
Hilton says it has identified and taken action to eradicate unauthorized malware that targeted payment card information in some point-of-sale systems. Hilton immediately launched an investigation and has further strengthened its systems.
While no data has been stolen Hilton suggest customers may wish to review and monitor their payment card statements if they used a payment card at a Hilton Worldwide hotel over a seventeen-week period, from November 18 to December 5, 2014 or April 21 to July 27, 2015.
Starwood Hotels says the point of sale systems of 54
of its hotels in North America were infected with malware for nearly eight months, enabling unauthorized parties to access payment card data of some customers.
Based on the investigation, malware was detected that affected certain restaurants, gift shops and other point of sale systems at the relevant Starwood properties. There is no indication at this time that the Company’s guest reservation or Starwood Preferred Guest membership systems were impacted. The malware was designed to collect certain payment card information, including cardholder name, payment card number, security code and expiration date. There is no evidence that other customer information, such as contact information or PINs, were affected by this issue. The affected hotels have taken steps to secure customer payment card information and the malware no longer presents a threat to customers using payment cards at Starwood hotels.
The Trump Hotel Collection said on its website that hackers gained access to its systems between May 2014 and June 2015 at the front desk of those hotels. Hotel restaurants and gift shops were also hacked.
The potential thefts occurred at the Trump SoHo New York, Trump International New York, Trump National Doral in Miami, Trump International Chicago, Trump International Waikiki, Trump International Hotel and Tower Las Vegas, and Trump International Toronto.
For data, background and forecasts on Date Breaches: Search CardWeb.com’s CardFlash® Library of more than 58,000 archived articles; Access CardWeb.com’s CardData® for current and historical Performance, Portfolios, Profiles, etc. Visit RAM Research® (ramresearch.com) for quarterly and annual forecasts covering more than 150 metrics. [complimentary or deeply discounted access to CardWeb.com subscribers].
Additional database resources include CardWeb.com’s CardExecs® – comings & goings of payments movers & shakers; CardWeb.com’s CardWatch® – ears & eyes on marketing globally (57K items); and CardWeb.com’s CardPixes® – form & function of card design (7K items).