The Enterprise Security Supersite NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
Home Network Security Viruses & Malware Cybercrime Security Solutions More Topics...
GET RECOGNIZED
Let an ISACA® certification elevate your career.
Register today and save
You are here: Home / Customer Service / Hotels Hacked, Customer Data Stolen
Is your endpoint data protected?
Major Hotel Customers Hit by Data Breach
Major Hotel Customers Hit by Data Breach
By Jennifer LeClaire / Enterprise Security Today Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
FEBRUARY
03
2014


After the Target and Niemen Marcus network breaches, retailers are now hyper-vigilant about security. But the hotel industry may need to open its eyes a little wider.

White Lodging, a company that maintains hotel franchises under nationwide brands including Hilton, Marriott, Sheraton and Westin, appears to have suffered a data breach that exposed credit and debit card information on thousands of guests throughout much of 2013, according to KrebsOnSecurity.

“Earlier this month, multiple sources in the banking industry began sharing data indicating that they were seeing a pattern of fraud on hundreds of cards that were all previously used at Marriott hotels from roughly March 23, 2013 on through the end of last year,” said Brian Krebs, a security expert who runs the blog. “But those same sources said they were puzzled by the pattern of fraud, because it was seen only at specific Marriott hotels, including locations in Austin, Chicago Denver, Los Angeles, Louisville and Tampa.”

Marriott Speaks Out

As it turns out, Krebs said, the common thread among all those Marriott locations is the management company: Merrillville, Ind.-based White Lodging Services Corp. White Lodging bills itself as “a fully-integrated owner, developer and manager of premium brand hotels.” The Web site suggests its portfolio includes 168 full-service hotels in 21 states. That includes more than 30 restaurants.

“White Lodging declined to offer many details, saying in an emailed statement that “an investigation is in progress, and we will provide meaningful information as soon as it becomes available,” Krebbs said. He noted that Marriott also issued a statement explaining that one of its franchisees has experienced unusual fraud patterns in connection with its systems that process credit card transactions at a number of hotels across a range of brands, including some Marriott-branded hotels.

“They are in the midst of the investigation and are in close contact with the banks and credit cards companies. We are working closely with the franchisee as they investigate the matter,” Marriott said. “Because the suspected breach did not impact any systems that Marriott owns or controls, we do not have additional information to provide. As this impacts customers of Marriott hotels we want to provide assurance that Marriott has a long-standing commitment to protect the privacy of the personal information that our guests entrust to us, and we will continue to monitor the situation closely.”

More Breaches to Come

Krebs notes that sources say the breach appears to have affected mainly restaurants, gift shops and other establishments within hotels managed by White Lodging -- not the property management systems that run the hotel front desk computers, which handle the checking in and out of guests.

“In the case of Marriott, for example, all Marriott establishments operated as franchises must use Marriott’s property management system,” he said. “As a result, the breach impacted only those Marriott guests who used their cards at White Lodging-managed gift shops and restaurants.”

We caught up with Tommy Chin, a technical support engineer at CORE Security, to get his take on the breach. He told us Kaptoxa, a new piece of malware, has infected a large number of retail information systems, according to a report from iSightPartners.

“Their report states you may be at risk if you have a POS system in operation. I believe there will be a good number of disclosed breached coming in the near future -- not just from retailers,” Chin said. “I’m sure that all the breaches to date have not yet been discovered.”

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY BE OF INTEREST
Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.
MORE IN CUSTOMER SERVICE
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Dairy Queen Latest Retailer To Report Hack
Known for its hot fries and soft-serve ice cream, Dairy Queen just made cyber history as the latest victim of a hack attack. The fast food chain said that customer data at some stores may be at risk.
 
Lessons from the JPMorgan Chase Cyberattack
JPMorgan Chase is investigating a likely cyberattack. The banking giant is cooperating with law enforcement, including the FBI, to understand what data hackers may have obtained.
 
Who Is the Hacker Group Lizard Squad?
Are they dangerous or just obnoxious? That’s what many are wondering about the hacker group Lizard Squad, which tweeted out a bomb threat that grounded a flight with a Sony exec aboard.
 

Enterprise Hardware Spotlight
Intel Intros Lightning-Fast PC Processors
Call it extreme. Intel just took the covers off its first-ever eight-core desktop processor, which is aimed at hardcore power users who expect more than the status quo from their computers.
 
HP Previews ProLiant Gen9 Data Center Servers
Because traditional data center and server architectures are “constraints” on businesses, HP is releasing new servers aimed at faster, simpler and more cost-effective delivery of computing services.
 
Apple Set To Release Largest iPad Ever
Tech giant Apple seems to have adopted the mantra “go big or go home.” The company is planning to introduce its largest iPad ever: a 12.9-inch behemoth that will dwarf its largest existing models.
 

Mobile Technology Spotlight
iWatch Watch: What Will Apple Ask Us To Wear?
There are still more questions than answers when it comes to details about the smart watch Apple seems poised to debut on Sept. 9. In fact, nobody seems completely sure that it will be a smart watch at all.
 
Google Successfully Tests Its Own Delivery Drone
While top technology companies are engaged in an "arms race" to develop drones that can quickly deliver goods to anyone anywhere, Google has revealed it successfully tested its own version.
 
Will iPhone Finally Catch Up with NFC Mobile Payment Ability?
Apple's latest version of the iPhone may have a mobile wallet to pay for purchases with a tap of the phone. The iPhone 6 reportedly is equipped with near-field communication (NFC) technology.
 

Navigation
Enterprise Security Today
Home/Top News | Network Security | Viruses & Malware | Cybercrime | Security Solutions | Mobile Security | Disaster Recovery | Windows Security
Data Security | EST Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.