20 Major Hotels Hit by Point-of-Sale Breach
HEI Hotels & Resorts, which operates Hyatt, Sheraton, Marriott and Westin hotels, announced that its point-of-sale (POS) systems have been hacked. Data, including customer names, payment card numbers, expiration dates and verification codes, from tens of thousands of transactions has been stolen.
The company, which listed the affected hotels on its webpage, said the systems could have been breached as early as March 2015.
HEI spokesman Chris Daly told Reuters it is difficult to determine just how many people were affected during this time period, though, as consumers may have used their cards more than once.
“We are treating this matter as a top priority, and took steps to address and contain this incident promptly after it was discovered,” the company said in a statement.
HEI discovered the malware while it was performing a system upgrade in early to mid-June. They hired outside experts to investigate the breach and contacted law enforcement. The company reports that the malware has been disabled, and their systems are being upgraded to make them more secure. At this time, the company said it is safe for customers to use their cards at all hotels.
Customers are being advised to check their credit card statements for fraudulent activity if they stayed at one of these hotels. As yet, the company has not offered free credit monitoring to affected customers.