The hotel chain Hilton Worldwide Holdings admitted that crooks stole credit card information from some of its PoS systems, but hasn’t provided detailed info on the extent of the data breach. The company Hilton Worldwide is warning its customers who used credit cards at its hotels between November 18 and December 5 of last year or April 21 and July 27 of this year to monitor their banking account for any suspicious activity.
According to the Hilton global brands executive vice president Jim Holthouser, the malware infected the PoS systems, allowing the cyber criminals to steal customers’ data, including credit card holders’ names, card numbers, security codes and expiration dates.
“Hilton Worldwide (NYSE: HLT) has identified and taken action to eradicate unauthorized malware that targeted payment card information in some point-of-sale systems. Hilton immediately launched an investigation and has further strengthened its systems.” reads a press release issued by the Hilton Worldwide Holdings.
“Hilton Worldwide worked closely with third-party forensics experts, law enforcement and payment card companies in this investigation, and determined that the specific payment card information was targeted by this malware. This information includes cardholder names, payment card numbers, security codes and expiration dates, but no addresses or personal identification numbers (PINs).”
It seems that customers’ addresses and personal identification numbers were not compromised in the data breach.
Hilton hired a forensic firm to investigate the cyber attack, along with law enforcement and payment card companies.
A few days ago another hotel chain was affected by a serious data breach, Starwood Hotels announced that hackers had infected payment systems, potentially exposing customers’ financial data, including credit card data.
If you are a customer of the popular hotel chain, visit hiltonworldwide.com/guestupdate for more details.
(Security Affairs –cybercrime, data breach)