Breach, Data Security

Evans Hotels announces payment card incident involving malware

California-based Evans Hotels – which operates Bahia Resort Hotel, Catamaran Resort Hotel and Spa, and The Lodge at Torrey Pines – announced that malware was installed on computers at the front desks of its properties that could have compromised payment card data.

How many victims? Undetermined.

What type of personal information? Names, account numbers, expiration dates, and verification codes.

What happened? Evans Hotels had on occasion been using backup payment card readers that do not encrypt card data when cards are swiped – later, Evans Hotels discovered that malware was installed on computers at the front desks of its properties, and data from cards swiped through those backup readers may have been compromised.

What was the response? The backup payment card readers were removed from all properties. Evans Hotels is working with a computer security firm to implement additional enhanced security measures.

Details: Evans Hotels removed the backup card readers from its properties on March 5. Cards swiped through the backup card readers between September 2014 and March 5 may have been compromised.

Evans Hotels learned in February that guests who used payment cards at its properties were seeing unauthorized charges on those cards. During an investigation, Evans Hotels learned that backup card readers that do not encrypt card data when cards are swiped were being used in addition to its current system during the check-in of large groups. Several years ago, Evans Hotels began using card readers that encrypt payment card data when the card is swiped, and the older card readers were kept as a backup for IT disaster recovery purposes. 

Quote: “We worked extensively to identify only those guests whose cards were swiped through the backup readers during this time frame, but we were not able to reliably make that distinction from our records,” a notification posted to the Evans Hotels website said, going on to add, “Because we were not able to specifically identify the small percentage of guests whose cards were swiped through the backup readers, if you used a card at one of our properties during this time frame, we recommend that you regularly review your account statements for any unauthorized activity.”

Source: evanshotels.com, “Evans Hotels Identifies and Stops Limited Payment Card Incident,” July 8, 2015.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.