Hackers steal guests' credit card information at 20 US hotels

The operator of Hyatt, Sheraton, Marriott, and Westin hotels says that it has been targeted by hackers, who for months collected customers credit card information.

|
Matt Rourke/AP/File
The Westin Philadelphia hotel in Philadelphia in 2010. Hyatt, Sheraton, Marriott and Westin hotels in 10 states and the District of Columbia may have been targeted by hackers for months. Hotel operator HEI Hotels & Resorts said Monday that malware put into place in at least 20 locations may have collected names, card account numbers, card expiration dates and verification codes.

Credit card data from customers at at least 20 Hyatt, Sheraton, Marriott, and Westin hotels may have been compromised by hackers.

Hotels in more than 10 states including California, Florida, Minnesota, and Virginia may have been targeted by hackers who put malware into place to collect names, card account numbers, card expiration dates, and verification codes from early December through late June, said hotel operator HEI Hotels & Resorts. In some locations, information may have been collected going back as far as March 2015. 

Data was collected from cards used at restaurants, bars, spas, lobby shops and other facilities, HEI spokesman Chris Daly told Reuters. 

"We are treating this matter as a top priority, and took steps to address and contain this incident promptly after it was discovered," said HEI in a press release, adding that it is now safe for customers to use their credit cards at all hotel locations. 

HEI said it first discovered the breach when it transitioned payment card processing to a standalone system separate from the rest of its network. An investigation is underway as the company works with law enforcement, banks, and payment card companies to determine exactly what happened. 

It's not known yet precisely how many customers may have had their data stolen, Mr. Daly told PCWorld. 

"Due to guests paying in multiple outlets during a stay or even visiting multiple times, or visiting multiple locations managed by HEI, an exact number is difficult to calculate," he said. "Furthermore, HEI does not store credit card details."

HEI recommends that any customers who used a card at the affected properties review their account statements, keeping an eye out for unusual activity, over the past several months and in the future. If you believe your information may have been compromised, contact your credit or debit card company immediately. 

What should you do if your credit card info is stolen? Angela Colley of Dealnews writes

If you notice strange activity on your credit or debit card, report the charges to your bank immediately using the toll free number on the back of the card or on your statement. The Federal Trade Commission says you aren'tresponsible for any charges made on a stolen account number after you report identity theft, so act quickly.

If you find suspicious activity on your accounts, ask one of the credit bureaus to place an initial fraud alert on your credit report. Once you notify one credit bureau, that bureau will notify the others and alerts will appear on all your credit reports. According to the Federal Trade Commission, the alert will remain on your credit report for 90 days. During that time, creditors cannot open new accounts without verifying your information, making it harder for thieves to access your credit. You can file a fraud alert online throughEquifaxExperian, or TransUnion.

Start by ordering a copy of all three credit reports. By law, you're entitled to one free credit report from each credit bureau each year viaAnnualCreditReport.com. You're also entitled to a free credit report after you file an initial fraud alert. Once you have the reports, look for any suspicious activity, like credit inquiries you didn't make or accounts you didn't open.

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to Hackers steal guests' credit card information at 20 US hotels
Read this article in
https://www.csmonitor.com/Technology/2016/0815/Hackers-steal-guests-credit-card-information-at-20-US-hotels
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe