White Lodging investigates suspected nine-month-long POS attack

Share this article:

White Lodging Services Corporation is investigating a suspected breach of its point-of-sale (POS) systems, the Indiana-based hotel management company announced on Monday, a few days after technology journalist Brian Krebs broke the story.

The breach would impact anyone who used a payment card at food and beverage outlets in one of 14 of the company's properties, according to a release emailed to SCMagazine.com by Kathleen Quilligan, director of communications with White Lodging.

“The unlawfully accessed data may have included names printed on customers' credit or debit cards, credit or debit card numbers, the security code and card expiration dates,” according to the release, which explains that guests who made purchases to their room accounts have not been affected.

The POS compromise took place between March 20, 2013, and Dec. 16, 2013, according to the release, and impacted people who visited Marriott, Holiday Inn, Sheraton, Westin, Renaissance and Radisson hotels in Illinois, Texas, Pennsylvania, Colorado, Indiana, Virginia, Kentucky and Florida.

The property management system, which manages card information for hotel guests and is used at the front desk of the Radisson Star Plaza location in Merrillville, IN, may also have been impacted, according to the release.

“Upon learning of the suspected data security breach, we immediately contacted appropriate federal law enforcement officials and initiated a third-party forensic review, including a review of all other properties managed by White Lodging,” according to the release. “We continue to work with investigators and the credit card companies.”

White Lodging will be offering a free year of identity theft protection services to all affected individuals, but details of that program will be made available along with new information as the hotel management company continues its investigation.

A number of companies, particularly retailers such as Target and Neiman Marcus, have come out in recent months and announced POS system compromises. In the majority of instances, the affected entities said that malware was introduced into the POS systems, allowing attackers to steal card data, among other information, on millions of customers.

Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

More in News

CryptoWall surpasses CryptoLocker in infection rates

CryptoWall surpasses CryptoLocker in infection rates

A threat analysis from Dell SecureWorks CTU says that CryptoWall has picked up where its famous sibling left off.

Professor says Google search, not hacking, yielded medical info

Professor says Google search, not hacking, yielded medical ...

A professor of ethical hacking at City College San Francisco came forward to clarify that he did not demonstrate hacking a medical center's server in a class.

Syrian Malware Team makes use of enhanced BlackWorm RAT

Syrian Malware Team makes use of enhanced BlackWorm ...

FireEye analyzed the hacking group's use of the malware, dubbed the "Dark Edition" of BlackWorm.