Global Travel Media » Blog Archive » Alert as breach reveals hotel guests’ credit card data

Home » Headline News »Hotel News » Currently Reading:

Alert as breach reveals hotel guests’ credit card data

February 7, 2014 Headline News, Hotel News No Comments Email Email

egtmedia59A company that maintains Hilton, Marriott, Sheraton and Westin hotel franchises in the US has suffered a major data breach that has disclosed the credit and debit card information of guests who stayed at the some of the properties last year

The story was released by independent security researcher Brian Krebs, who wrote that banking industry sources noticed fraud among hundreds of cards that had been previously used at Marriott hotels.

Writing on his website, Krebs wrote that this month, “multiple sources in the banking industry began sharing data indicating that they were seeing a pattern of fraud on hundreds of cards that were all previously used at Marriott hotels.

“The common thread among all of those Marriott locations is that they are managed by Merrillville, Indiana-based White Lodging Services Corporation, which bills itself as ‘a fully-integrated owner, developer and manager of premium brand hotels,’” Krebs said.

White Lodging issued a statement yesterday confirming the suspected breach of point-of-sales systems from the period 20 March More-fun-in-the-Philippines_250X250px2013 to 16 December 2013 at food and beverage outlets, such as restaurants and lounges, at 14 properties, all in the US.

In addition, at one of the properties, the point of sale system and property management system used at the front desk were also suspected as affected, the statement said.

It continued:

“White Lodging manages hotels under agreements with the hotel owners and is a distinct and separate entity from specific hotel brands. The food and beverage outlets affected by the suspected breach were located at the following hotels:

• Marriott Midway, Chicago, IL

• Holiday Inn Midway, Chicago, IL

• Holiday Inn Austin Northwest, Austin, TX

• Sheraton Erie Bayfront, Erie, PA

• Westin Austin at the Domain, Austin, TX

• Marriott Boulder, Boulder, CO

• Marriott Denver South, Denver, CO

• Marriott Austin South, Austin, TX

• Marriott Indianapolis Downtown, Indianapolis, IN

• Marriott Richmond Downtown, Richmond, VA

• Marriott Louisville Downtown, Louisville KY

• Renaissance Plantation, Plantation, FL

• Renaissance Broomfield Flatiron, Broomfield, CO

• Radisson Star Plaza, Merrillville, IN

Guests at the hotels who did not use their credit card at these outlets, and guests who purchased to their room account at these outlets, were not affected, the White Lodge statement said.

“At the Radisson Star Plaza in Merrillville, Indiana, we suspect that the points of sale system at food and beverage outlets were affected as well as the property management system that manages hotel guests’ credit card information.

“Upon learning of the suspected data security breach, we immediately contacted appropriate federal law enforcement officials and initiated a third-party forensic review, including a review of all other properties managed by White Lodging.  We continue to work with investigators and the credit card companies.

“The unlawfully accessed data may have included names printed on customers’ credit or debit cards, credit or debit card numbers, the security code and card expiration dates.  Guests who used or visited the affected businesses during the nine month-period and who used a credit or debit card to pay their bills at the outlets might have had such information compromised and are encouraged to review their statements from that time period.”

The full statement by White Lodging can be read on:

Marriott issued a separate statement, quoted by Krebs, noting that “one of its franchisees has experienced unusual fraud patterns in connection with its systems that process credit card transactions at a number of hotels across a range of brands, including some Marriott-branded hotels.”

The Marriott statement continued:

“They are in the midst of the investigation and are in close contact with the banks and credit cards companies.  We are working closely with the franchisee as they investigate the matter.  Because the suspected breach did not impact any systems that Marriott owns or controls, we do not have additional information to provide.  As this impacts customers of Marriott hotels we want to provide assurance that Marriott has a long-standing commitment to protect the privacy of the personal information that our guests entrust to us, and we will continue to monitor the situation closely.”

Written by : Peter Needham

Comment on this Article:

Time limit is exhausted. Please reload CAPTCHA.

Platinium Partnership


Elite Partnership Sponsors


Premier Partnership Sponsors


Official Media Event Partner


Global Travel media endorses the following travel publication