Hackers may have hit Holiday Inn, Marriott hotels
A large hotel management company says attackers may have compromised its point-of-sale devices
IDG News Service - Lodgers at Holiday Inns, Marriott and Renaissance hotels may have had their payment card details compromised following a new disclosure on Monday of suspected point-of-sale device attacks.
White Lodging Services, a hotel management company, warned in a news release it suspects point-of-sale systems at restaurants and lounges on 14 of its properties were compromised between March 20, 2013 and Dec. 16, 2013.
Guests who did not use their card at restaurants and lounges, as well as those who used their room account for purchases from those outlets, were not affected, it said.
The Merrillville, Indiana-based company said it manages hotels under agreement with hotels owners and is a separate entity from the specific hotel brands it operates.
The company said it has contacted federal law enforcement and initiated a forensic review of its properties. It runs more than 169 hotels in 21 U.S. states.
"We deeply regret and apologize for any inconvenience caused by this incident and remain committed to protecting all information entrusted to us by our guests," it said.
It is the latest company following Target, Neiman Marcus and Michaels to either confirm or disclose a suspected breach, as security experts warn dozens of companies worldwide may be affected.
The unfolding disclosures have drawn the attention of the U.S. Congress. The House Energy and Commerce Committee is scheduled on Wednesday to hear from senior executives from Target and Neiman Marcus along with the U.S. Secret Service about how data breaches can be prevented.
Attackers are planting malicious software, known as "RAM scrapers," on POS devices, which capture unencrypted card details after a customer has swiped a card, defeating other security measures in place intended to protect sensitive details.
White Lodging said customers' names as printed on credit or debit cards, the card numbers, the cards' security code and expiration dates may have been unlawfully accessed.
Financial institutions have reissued some payment cards and are monitoring other credit and debit cards for unauthorized activity, the company said.
White Lodging listed the 14 affected facilities in the states of Illinois, Texas, Pennsylvania, Colorado, Texas, Indiana, Virginia, Kentucky, Florida and Colorado. It includes seven Marriott, two Holiday Inn and two Renaissance hotels, plus one Sheraton, one Westin and one Radisson hotel.
At its Radisson Star Plaza site in Merrillville, a property management system used at the front desk may have been affected in addition to a point-of-sale system, White Lodging said.
The company also runs upmarket hotels such as Hilton, Hyatt and Intercontinental with others bearing the Preferred Hotel Group, Starwood Hotels and Resorts and Carlson Rezidor Hotel Group brands.
Send news tips and comments to email@example.com. Follow me on Twitter: @jeremy_kirk
- Top 12 Laptop Bags for Mobile Pros
- Think Deleted Text Messages Are Gone Forever? Think Again
- 7 New Faces of the C-suite
- 5 Ways CIOs Can Rationalize Application Portfolios
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
- Who's Spying on You? You're aware of the threats of malware to your business but what about the ever-changing ground rules? Cybercriminals today are launching attacks against...
- Five Reasons to Think Again about UC There's a lot of noise out there about Unified Communications. Here are five good questions to ask yourself and your prospective UC vendor.
- A Unify Perspective: Gartner's Magic Quadrants for Unified Communication and Corporate Telephony Affirm Unify's Leadership Unify's OpenScape UC and Voice portfolio has placed in the "Leaders" quadrant - the "magic" quadrant - with an especially strong position for...
- A Unify Perspective: Gartner's Engagement Initiative Report Affirms the New Way to Work A transformation of the enterprise that amplifies collective effort, energizes the business and dramatically improves business performance. Experience the new way of working.
- Four Myths of High-Productivity App Dev Debunked Debunk the main myths surrounding high-productivity application development and how both platforms have overcome them.
On-Demand Webcast: 7 Reasons to Choose VoIP
Thinking about a new phone system for your business?
Be sure to watch this informative webcast. Steve Strauss, small business columnist for USA...
All Cybercrime and Hacking White Papers |