Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
  HOME     MENU     SEARCH     NEWSLETTER    
THE ENTERPRISE SECURITY SUPERSITE. UPDATED 14 MINUTES AGO.
You are here: Home / Viruses & Malware / Major U.S. Hotels Hit by Data Breach
Major U.S. Hotels Hit by Point-of-Sale System Breach
Major U.S. Hotels Hit by Point-of-Sale System Breach
By Shirley Siluk / Enterprise Security Today Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
AUGUST
17
2016
HEI Hotels & Resorts is warning guests who stayed at some of its properties that they might have had their payment card data stolen while making purchases at onsite restaurants, gift shops and spas.

The security breach affected 20 properties, including some Marriott, Starwood, Sheraton and Westin hotels, at various times between March 1, 2015 and June 21, 2016 according to the hotel chain. First reported to the chain by its card processor, the incident has now been contained, according to the company.

During the breach, malware on point-of-sale (PoS) terminals might have affected the payment card data of some customers, including card numbers, expiration dates and verification codes. The company is recommending that people who stayed at the affected properties closely review their credit and debit card statements for unusual activity, and immediately report any suspicious charges to their card issuers.

Forensic Investigator Called In

"HEI was recently alerted to a potential security incident by its card processor," the company said in an online notice. "Based upon an extensive forensic investigation, it appears that unauthorized individuals installed malicious software on our payment processing systems at certain properties designed to capture payment card information as it was routed through these systems."

When it learned of the breach, HEI said it promptly notified law enforcement and hired an independent forensic expert to investigate the incident. The company also switched to a standalone payment processing system to separate PoS transactions from the rest of its network.

"Based on an independent forensic investigation, we believe that individuals were able to gain unauthorized access to certain HEI computers and may have been able to access some payment card data as it was being entered into our systems," the company said.

HEI apologized to customers for any concerns or frustrations caused by this incident. "We have also been in contact with law enforcement and will continue to cooperate with their ongoing investigation," HEI said.

Since being alerted to the breach, the company said it has been able to remove the malware from its system. HEI added that it is also working to strengthen data security by reconfiguring parts of its network and payment systems, and that its PoS sites are now safe for payment card transactions.

'Tens of Thousands' of Transactions

While HEI did not say how many customers may have been affected by the malware, Reuters reported yesterday that the breach could have revealed payment card data from "tens of thousands" of transactions.

According to an FAQ posted by the hotel chain, the organization "does not collect or maintain sufficient information to locate and contact potentially affected customers." HEI said that guests who didn't make PoS purchases during their stays at affected properties were not at risk of having their payment data stolen during the incident.

The affected properties include Marriott hotels in Boca Raton, Dallas and La Jolla; Le Meridien hotels in Arlington and San Francisco; Westin hotels in Fort Lauderdale, Minneapolis, Pasadena, Philadelphia, Snowmass and Washington, DC; along with other hotels in Chicago, Miami, Nashville, Santa Barbara, Tampa and Manchester Village, Vermont.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
MORE IN VIRUSES & MALWARE
ENTERPRISE SECURITY TODAY
NEWSFACTOR NETWORK SITES
NEWSFACTOR SERVICES
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.