Kimpton Hotels Data Breach Affects 60+ Locations
Kimpton Hotels confirmed that malware was found on payment terminals in over 60 of its hotels and restaurants, and that customers’ payment cards may have been compromised. Card numbers, expiration dates, verification codes and, in a “small number of instances,” corresponding cardholder names were stolen.
The hotels, which are listed on the website, were breached from February 16 to July 7 of this year. While other hospitality breaches, such as the recent hack at Omni hotels, occurred at the point-of-sale (POS) terminal, Kimpton said the malware was actually installed on the servers that process payment cards.
The company said it has removed the card-stealing software but has not provided any details about the extent of the breach. They plan on mailing letters to guests who may have been affected by the breach, but they may not have all the names and addresses. Thus, anyone who stayed at an affected location during this time period should closely monitor their card statements and credit reports for fraudulent activity.