November 26, 2015 — Hotels warned after hackers target guest credit card details
Hilton Worldwide has become the second major hotel company this week to admit to a security breach which allowed hackers to steal customers’ credit card details.
The hotel chain has launched an investigation after malware was found in point-of-sale systems across its 4,500 hotels.
However, it declined to reveal how many of its UK properties had been targeted.
Guests who used a payment card in a Hilton hotel between 21 April and 27 July this year or from 18 November to 5 December last year are being advised to check their bank statements.
Hackers may have had access to cardholder names, payment card numbers, security codes and expiration dates, but no addresses or personal identification numbers (PINs).
The announcement comes just days after Starwood Hotels & Resorts announced 54 of its North American hotels had been infected with malware designed to steal payment card data.
The chain, which was recently bought by Marriott International, said its payment systems had been affected for a varying period between November 2014 and October 2015.
In October the Trump Hotel Collection warned customers it may have been subject to a similar breach between May 2014 and June 2015, though it is not clear if the hotels were targeted in a co-ordinated attack.
Ryan Wilk, director at cyber security firm NuData Security, warned that the wider hotel industry was at risk from similar malware.
“While we can’t know for sure what hackers long-term plans are, it does seem credible that they are targeting specific industries that likely have the same exploits in order to maximise their efforts before moving on to the next industry,” said Wilk.
He added that the hotel sector needed to up its ‘collective game’ and card breaches should not be considered ‘an unavoidable cost of doing business in the digital age’.
To see the full article at BigHospitality click here.