Card Breach at Hilton Hotel Properties Under Investigation

September 26, 2015  By Pierluigi Paganini


Hilton Worldwide has issued an official statement informing its customers that the alleged data breach is currently under investigation.

As reported by Brian Krebs of Krebs on Security, several sources are claiming that Point-of-Sale (PoS) registers utilized by several businesses operating within a large quantity of Hilton Hotel and franchise properties across the United States.

These claims result from the correlation of data discovered throughout the duration of an unknown number of credit card fraud cases. The alleged common point-of-purchase for the cards being flagged as compromised was determined by five different banks, according to internal sources, to be one of several Hilton properties.

Hilton
These properties include not only just leading Hilton locations but also Hilton locations:

Embassy Suites, Doubletree, Hampton Inn and Suites, and Waldorf Astoria Hotels & Resorts.

In August of this year, Visa alerted several financial institutions to inform them that a breach had been discovered at a physical entity. Visa determined that the breach extended from April 21, 2015 to July 27, 2015.

The breached entities’ identity was not disclosed by Visa, as per their policy when distributing such alerts.

Hilton has issued an official statement that the alleged data breach is currently under investigation. The number of Hilton properties affected by this breach is currently unknown; however, Brian Krebs reports that several in-the-know sources have stated that this breach may have originated back as far as November 2014, and resultant nefarious activity may be ongoing.

In a statement to NBC News, a Hilton Worldwide spokesperson said it was aware of the report.

“Hilton Worldwide is strongly committed to protecting our customers’ credit card information. We have many systems in place and work with some of the top experts in the field to address data security. Unfortunately the possibility of fraudulent credit card activity is all too common for every company in today’s marketplace,” the statement said. “We take any potential issue very seriously, and we are looking into this matter.”

Source: Banks: Card Breach at Hilton Hotel Properties

About the Author Michael Fratello

Michael Fratello is a Security Engineer employed by CipherTechs, Inc., a privately held information security services provider located in downtown Manhattan, New York.  Specializing in Penetration Testing and Digital Forensics, Michael, a St. John’s University graduate majoring in Computer Security Systems, has developed a passion for information security and often spends his free time studying, programming, and researching the exponentially growing number of threats found in-the-wild today.

 

[adrotate banner=”9″] [adrotate banner=”12″]

Edited by Pierluigi Paganini

(Security Affairs –  Hilton Hotel, card data breach)

[adrotate banner=”5″]

[adrotate banner=”13″]



Pierluigi Paganini
Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.





You might also like





  • Digging the Deep Web: Exploring the dark side of the web

    Digging The Deep Web

  • Center for Cyber Security and International Relations Studies

  • Subscribe Security Affairs Newsletter

    newsletter

  • SecurityAffairs awarded as Best European Cybersecurity Tech Blog at European Cybersecurity Blogger Awards

    EU Sec Bloggers Awards 22


More Story

Karma Police, how GCHQ tried to track every visible user on Internet

 A new collection of GCHQ's documents published by The Intercept reveals how the British Agency tried to track Web visits...