Two global hotel chains have reported being hit by malware that targeted their customers’ payment card information.
Attacks were made on payment systems at Omni Hotels & Resorts and HEI Hotels & Resorts.
HEI manages Starwood, Hilton, Marriott, Hyatt and InterContinental properties.
The malware used to attack Omni is thought to have been in operation between December 2015 and June this year but the chain has not revealed how many of its 60 properties were affected.
Omni did reveal that the malware was designed to collect payment card information, including cardholder name, credit/debit card number, security code and expiry date, but not other customer information such as social security numbers or PINs.
HEI Hotels & Resorts said malicious software, active from March 2015 until June 2016, was installed on the payment processing systems at some of its properties, with the aim of harvesting card data as it was being input into the system in real time.
It’s thought that the data breach affected twenty US hotels operated by HEI and may have divulged payment card data from tens of thousands of transactions at their restaurants, bars, spas, lobby shops and other facilities.
A good quality stand at your point of sale will protect card readers from criminal tampering and theft but to maintain full security of your payment system, you must also protect your software and communication network. Regularly check and update your firewalls and software, and choose strong passwords that you change often.
Read our tips on how you can keep your payment system secure.