The hotel operator said payment card information could have been stolen HEI Hotels & Resorts has reported a possible compromise of payment card information at its point-of-sale terminals, the latest in a string of attacks on such systems at hotels, hospitals and retailers. The company, which manages close to 60 Starwood, Hilton, Marriott, Hyatt and InterContinental properties, said it appears that malicious software was installed on the payment processing systems at certain properties, with the aim of harvesting the card data as it was routed through the systems. The compromise may have possibly affected the personal information of some hotel customers who made payment card purchases at point-of-sale terminals, such as food and beverage outlets, at certain HEI managed properties. HEI in Norwalk, Connecticut, did not specify how many people were likely to have been affected. The data compromised may have included payment card data, including name, payment card account number, card expiration date, and verification code, it said. “We believe that the malware may have accessed payment card information in real-time as it was being inputted into our systems,” HEI said in a separate FAQ. It added that it does not store data like credit or debit card numbers of customers, or collect card personal identification numbers or social security numbers on its own systems. The chain said it would not be contacting customers it thinks could be affected as it does “not collect or maintain sufficient information to locate and contact potentially affected customers.” It said it would cooperate with investigations by federal law enforcement. HEI spokesman Chris Daly said the company is working with credit card processors to obtain the exact number of unique card holders impacted. “Due to guests paying in multiple outlets during a stay or even visiting multiple times, or visiting multiple locations managed by HEI, an exact number is difficult to calculate. Furthermore, HEI does not store credit card details,” he wrote in an email. The attacks at 20 properties were from March 2015 to June 2016. Omni Hotels & Resorts in Dallas, Texas reported last month that malware hit point-of-sale systems at some of its properties, with an eye to pilfering payment card information. Hyatt Hotels, Target, Starwood Hotels & Resorts Worldwide and Hilton Worldwide Holdings, Neiman Marcus have also reported data breaches through their point-of-sale systems. Related content analysis What is a virtual machine, and why are they so useful? Many of today’s IT innovations have their roots in virtual machines (VM) and their ability to separate software from hardware. By Keith Shaw May 03, 2024 9 mins Virtualization Data Center Networking analysis What is DNS and how does it work? The Domain Name System resolves the names of internet sites with their underlying IP addresses, adding efficiency and security in the process. By Josh Fruhlinger and Keith Shaw May 03, 2024 11 mins Internet Networking news Appeal court overturns $1.6bn mainframe software ‘poaching’ ruling against IBM AT&T ‘independently decided” to replace BMC software, the appeals court found. By John Leyden May 03, 2024 1 min Mainframes news Cisco, Red Hat extend networking, AI integrations Cisco and Red Hat will demo new network product integrations and introduce AI validated designs at the upcoming Red Hat Summit 2024. By Michael Cooney May 03, 2024 4 mins Network Virtualization Cloud Computing Networking PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe