News & Events

  • RBTE 2018 & Seamless Asia

    RBTE 2018 - Retail Business

     May 2nd - 3rd




    Seamless Asia 2018

    May 3rd - 4th 

    Suntec Convention Centre - Booth# F03



POS hackers target hotel chains

Two global hotel chains have reported being hit by malware that targeted their customers’ payment card information.

Attacks were made on payment systems at Omni Hotels & Resorts and HEI Hotels & Resorts. 

HEI manages Starwood, Hilton, Marriott, Hyatt and InterContinental properties.

The malware used to attack Omni is thought to have been in operation between December 2015 and June this year but the chain has not revealed how many of its 60 properties were affected.

Omni did reveal that the malware was designed to collect payment card information, including cardholder name, credit/debit card number, security code and expiry date, but not other customer information such as social security numbers or PINs.October 2016 Newsletter Image 5

HEI Hotels & Resorts said malicious software, active from March 2015 until June 2016, was installed on the payment processing systems at some of its properties, with the aim of harvesting card data as it was being input into the system in real time.

It’s thought that the data breach affected twenty US hotels operated by HEI and may have divulged payment card data from tens of thousands of transactions at their restaurants, bars, spas, lobby shops and other facilities.

A good quality stand at your point of sale will protect card readers from criminal tampering and theft but to maintain full security of your payment system, you must also protect your software and communication network. Regularly check and update your firewalls and software, and choose strong passwords that you change often.

Read our tips on how you can keep your payment system secure.

Head Office: Tailwind Solutions Limited,
                     2a Castle Business Centre,
                     Queensferry Road,
                     Fife KY11 8NT 
tel: +44 (0)1383 661237

Tailwind Solutions Limited is registered in Scotland. Company Registration SC 306824.

Copyright © 2017 Tailwind Solutions Limited