[BreachExchange] Starwood, Marriott, Hyatt, IHG hit by malware

Audrey McNeil audrey at riskbasedsecurity.com
Mon Aug 15 18:49:51 EDT 2016


http://finance.yahoo.com/news/starwood-marriott-hyatt-ihg-hit-230328538.html

A data breach at 20 U.S. hotels operated by HEI Hotels & Resorts for
Starwood, Marriott, Hyatt and Intercontinental may have divulged payment
card data from tens of thousands of food, drink and other transactions, HEI
said on Sunday.

The breach follows similar attacks at Hyatt Hotels Corp and Starwood Hotels
& Resorts Worldwide Inc in recent months.

Norwalk, Connecticut-based HEI, which is privately held, said malware
designed to collect card data was found on HEI's systems.

The malware was discovered in early to mid-June on payment systems used at
restaurants, bars, spas, lobby shops and other facilities at the
properties, Chris Daly, a spokesman for HEI, said in emails and phone calls.

The number of customers affected is difficult to calculate because they
might have used their cards multiple times, Daly said. About 8,000
transactions occurred during the affected period at the Hyatt Centric Santa
Barbara hotel in California, and about 12,800 at the IHG Intercontinental
in Tampa, Florida, Daly said.

The malware affected 12 Starwood hotels, six Marriott International Inc
properties, one Hyatt hotel and one InterContinental Hotels Group PLC
hotel. It was active from March 1, 2015 to June 21, 2016, with 14 of the
hotels affected after Dec. 2, 2015, HEI said on its website on Friday.

Marriott and IHG declined to comment. Representatives from the other hotel
groups did not respond to requests for comment.

HEI said outside experts investigated the breach and determined that
hackers might have stolen customer names, account numbers, payment card
expiration dates and verification codes. The hackers did not appear to have
gained PIN codes, since those are not collected by its system, it added.

The company has informed federal authorities and has installed a new
payment processing system that is separate from other parts of its computer
network.

Among the properties affected were Starwood's Westin hotels in Minneapolis;
Pasadena, California; Philadelphia; Snowmass, Colorado; Washington, D.C.;
and Fort Lauderdale, Florida. Also affected were Starwood properties in
Arlington, Virginia; Manchester Village, Vermont; San Francisco; Miami; and
Nashville, Tennessee.

The Marriott properties affected were in Boca Raton, Florida; Dallas-Fort
Worth, Texas; Chicago; San Diego, California; and Minneapolis.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.riskbasedsecurity.com/pipermail/breachexchange/attachments/20160815/71355d8e/attachment.html>


More information about the BreachExchange mailing list