The hotel chain Hilton Worldwide Holdings admitted that crooks stole credit card information from some of its PoS systems, but hasn’t provided detailed info on the extent of the data breach. The company Hilton Worldwide is warning its customers who used credit cards at its hotels between November 18 and December 5 of last year or April 21 and July 27 of this year to monitor their banking account for any suspicious activity.
According to the Hilton global brands executive vice president Jim Holthouser, the malware infected the PoS systems, allowing the cyber criminals to steal customers’ data, including credit card holders’ names, card numbers, security codes and expiration dates.
“Hilton Worldwide (NYSE: HLT) has identified and taken action to eradicate unauthorized malware that targeted payment card information in some point-of-sale systems. Hilton immediately launched an investigation and has further strengthened its systems.” reads a press release issued by the Hilton Worldwide Holdings.
“Hilton Worldwide worked closely with third-party forensics experts, law enforcement and payment card companies in this investigation, and determined that the specific payment card information was targeted by this malware. This information includes cardholder names, payment card numbers, security codes and expiration dates, but no addresses or personal identification numbers (PINs).”
It seems that customers’ addresses and personal identification numbers were not compromised in the data breach.
Hilton hired a forensic firm to investigate the cyber attack, along with law enforcement and payment card companies.
A few days ago another hotel chain was affected by a serious data breach, Starwood Hotels announced that hackers had infected payment systems, potentially exposing customers’ financial data, including credit card data.
If you are a customer of the popular hotel chain, visit hiltonworldwide.com/guestupdate for more details.
(Security Affairs –cybercrime, data breach)
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.