A cyber attack might have left numerous Hilton Hotels hacked, with their clients’ credit and debit card info stolen, it has been reported on Tuesday, November 24.
Apparently, malware gained unauthorized access to the payment system pertaining to the international chain of hotels and resorts, and retrieved customers’ confidential data.
Some hotel restaurants, gift shops and other point-of-sale purchase locations within the hotel premises could have had their online security compromised, following this unlawful infiltration of their registers, Hilton’s reps have warned.
According to representatives of Hilton Worldwide Holdings Inc, an investigation is being conducted to determine whether the malicious software has indeed affected the good functioning of the famous hotel’s systems. Customers are strongly advised to check their bank account data to prevent any malicious activity.
So far, it has been determined that hackers did not produce major damages, such as, the theft of credit card data, cardholder names, full primary account numbers (PANs), expiration dates and card security codes. Nevertheless, the hotel chain wants to make sure all customers’ personal information is safe.
On the other hand, the malware didn’t obtain information such as the users’ personal identification numbers (PINs) or their full addresses.
As representatives of the global hospitality company have added, the clients who are likely to have had this private data compromised are those who have used their cards throughout a period of 17 weeks, extending from November 18 until December 5, 2014, as well as between April 21 and July 27, 2015.
If anyone has been a customer of the Hilton Hotels & Resorts during that length of time, and has used their card for undertaking transactions related to the hotel chain, they should definitely verify their bank statements, in order to identify potential credit or debit card fraud.
In the event that they detect any suspicious or irregular activity when reviewing their transactions and bank balance, they should immediately contact authorities so as to report this security incident.
For now, it’s uncertain exactly how many clients of the company founded by Conrad Hilton have fallen victim to this malicious software attack.
Payment card companies, forensics experts and police officers are still looking into the situation, with the aim to check if the security issue affected other countries where the international chain conducts its operations.
The company’s portfolio includes more than 4,500 hotels and timeshare properties, across 97 countries and territories, so the total number of customers whose personal information has been stolen might be tremendous.
It must be noted that another major data breach has occurred recently at Starwood Hotel & Resorts Worldwide Inc, one of the main rivals of the Hilton hotel chain.
On November 16, Marriott International had announced that it would acquire the Stamford, Connecticut-based company for $12.2 billion, so as to create the largest hotel chain in the world.
Shortly afterwards, on November 20, Starwood officials revealed that for a period of around 8 months, 54 of their hotels across North America had been targeted by malware, which had collected their customers’ payment card information.
Another similar incident was reported by Trump Hotel Collection also last month, and appears to have taken between May 19, 2014 and June 2, 2015, although forensic experts haven’t confirmed that customer data has actually been accessed and removed throughout that time.
Update: This article has been modified after it has been brought to our attention that the system of Hilton Worldwide Holdings Inc did not suffer a true cyber-attack. The company issued a warning, but did not confirm that customers’ data has been stolen during the malicious activity.
Image Source: Flickr