Radisson Hotels: Data breach affected 'limited' number of sites, guests

By John Cox

August 19, 2009 03:09 PM ET

Comments

(0)

Top Stories

Network World - Radisson Hotels revealed Wednesday that a "limited" number of guests may have had their credit or debit card data stolen, due to a breach of the computer systems at some of the chain's hotels.

A brief history of data breach apology letters.

The illegal access was discovered this past spring. The company says the breaches took place between November 2008 and May 2009 at some hotels in the United States and Canada. "At this time we do not know how many properties and/or consumers/guests were affected," according to a FAQ on the Radisson Web site.

A Radisson spokesman did say that the attack appears to be from an "outside source" and that the company has "no reason to believe it was an insider."

But Radisson didn't even realize the attack had taken place until it was contacted by several credit card companies and card processors. The company says it's taken "additional security measures" to block any future such attacks, and is working with card issuers and credit reporting agencies to identify and resolve any fraudulent usage.

Because the forensic study on what happened is still underway, and federal criminal investigations have been launched in both countries, Radisson reported few other details.

The costs associated with data breaches is rising steadily, according to a study earlier this year by The Ponemon Institute. The report said the total average cost of coping with the consequences of a breach rose to $6.6 million per breach, up from $6.3 million in 2007 and $4.7 million in 2006. The Radisson revelation comes just days after the indictment of three men on charges stealing millions of data records from payment processor Heartland Payment Systems, and three other companies.

An "open letter" on Radisson's Web site, says the "number of potentially affected hotels involved in this incident is limited." But the data exposed could include the guest’s name printed on a debit or credit card, and the card numbers and expiration dates. No Social Security numbers were stored on the targeted computers, according to a companion FAQ.

The FAQ goes into some detail on how guests can contact and work with the credit reporting agencies to identify fraudulent usage. Radisson encourages guests who think they might have been affected to use the links above, or call the company at 866-584-9255.

The hotelier is offering "eligible" guests up to one year of free credit monitoring via Equifax Personal Solutions.

Reprinted with permission from

For more information about enterprise networking, go to NetworkWorld.com
Story copyright 2009 Network World, Inc. All rights reserved.

Comment Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Jump to comments

Security

Additional Resources

WHITE PAPER

Do You Know the 7 Steps to Successful Data Migration?

Approximately 60 percent of data migration projects overrun time or budget, while some fail completely. Download this white paper, "Enhancing Your Chance for Successful Data Migration," to learn the critical steps you need to take to execute a data migration project with minimum cost and risk to your business.

WHITE PAPER

Total Cost of Ownership of Server Computing Vs. PCs

Read the Gartner research note to learn why the TCO of a server-based computing deployment used to deliver all applications to users is around 50% lower than that of an unmanaged desktop deployment.

WHITE PAPER

IDC White Paper: Linux in a Global Recession

Economic downturns have a tendency to accelerate emerging technologies, boost the adoption of effective solutions, and punish solutions that are not cost competitive or that are out of synch with industry trends. This IDC White Paper presents the results of an IDC survey of 330 companies in Western Europe, Asia/Pacific and the Americas that measures the receptiveness to Linux and takes into consideration changing views driven by the disruptive economic environment that businesses face today.