After being hit by POS malware on fourteen of it’s managed hotels in the previous year, White Lodging Services experience yet another data breach against point-of-sale systems on ten more hotels, that potentially exposed payment card data for an undisclosed number of customers. The POS systems in the restaurants and lounges of the hotels were affected from July 3, 2014, through February 6, 2015 in hotels from Colorado, Illinois, Indiana, Kentucky, Michigan, Pennsylvania and Texas.
The latest breach was initially discovered on Jan 27, 2015 when the company was informed of unusual activity on credit cards used at four different Marriott hotels they manage. This particular breach risked names, payment card numbers, card security numbers and expiration dates to those who are unauthorized to access this particular data.
Upon learning of the suspected data breach, company officials immediately notified the U.S. Secret Service, contacted federal law enforcement officials and initiated a third-party forensic review. Through the investigation, they were able to detect malicious software on a number of point-of-sale terminals used at the food and beverage outlets of the hotel. This malicious software puts any credit/debit card data entered onto these devices at risk.
Although White Lodging Services has previously attempted to secure its data and networks, they are again taking this data breach seriously and taking whatever actions needed in order to secure their data and ensure that their customers are safe. Also, White Lodging Services is offering one year of free fraud resolution and identity services to those affected, and are also encouraging anyone to review their statements if they used a debit or credit card in the food and beverage outlets of the hotels.
– Destiny Pacheco