June 30, 2010

Hackers compromise Destination Hotels' credit card system

Guests at 21 Destination Hotels & Resorts' properties may have been subjected to credit card theft after the chain discovered malware installed in its credit card processing system.

How many victims? Unknown.

What type of personal information? Credit card numbers.

What happened? According to the hotel, remote attackers installed a malicious program into the card processing system.

Details: Only those hotels where credit cards are physically swiped appear to be affected. The malware has been removed, and the locations again are normally processing transactions.

What was the response? The Englewood, Colo.-based hotel chain is notifying guests who stayed at the affected properties and encouraging them to contact their credit card companies to ensure no fraud was perpetrated.

Quote: “We are concerned for our guests and we sincerely regret any inconvenience this may cause them,” said Charlie Peck, the hotel's president and chief operating officer.  “We know we are not the first hotel company to be victimized by this kind of attack, but our greatest concern is for our guests who may be affected as well.”

Source: Destination Hotels & Resorts news release. "Destination Hotels reacts swiftly to credit card interception," June 24, 2010.

Previous Post
Next Post
Related Articles
Related Topics
Related Links

Advertisement

How to Prevent Insider Threats!

POLL

More in The Data Breach Blog

Hackers raid Washington state court system to steal 160,000 SSNs, 1M driver's license numbers

Hackers raid Washington state court system to steal ...

After the public website of the Washington state Administrative Office of the Courts was compromised in February, an investigation revealed the severity of the breach in April.

Personal California birth records found in "unsecure" location

The California Department of Public Health announced that the data included names, addresses, Social Security numbers, and medical information.

Investment regulator loses portable device containing personal data

Although the specifics of the lost information is unknown, the Investment Industry Regulatory Organization of Canada has announced that 52,000 clients of 32 brokerage firms have been affected.