Daily cyber threats and internet security news: network security, online safety and latest security alerts
September 11th, 2010

HEI Hotels & Resorts Point-of-Sale Systems Breached, Credit Card Data Stolen

Customer credit cards have been compromised after the electronic Point-of-Sale (PoS) systems at multiple hotels owned by HEI Hospitality (HEI Hotels & Resorts) were breached. The data leak incident was reported to the New Hampshire Office of the Attorney General by lawyers representing the company in a letter dated September 2.

“Based on HEI’s investigation to date, it has determined a vulnerability in an information system at certain of its hotel properties may have been exploited, and credit card information related to certain transactions occurring between between March 25 and April 17, 2010 may have been compromised,” the letter reads.

HEI Hospitality is based in Norwalk, Connecticut, but owns numerous hotels and resorts across the United States, including some operating under world renowned brands like Westin, Marriott, Hilton, Embassy Suites, Le Meridien, Sheraton, Renaissance or Crowne Plaza.

The stolen information is believed to include credit card type, number, expiration date, security code and the data contained on the magnetic stripe.

The company is not aware of any case in which the compromised information was misused, but nevertheless, it offers a one-year free subscription to a credit monitoring service and identity theft insurance to all individuals affected by the incident.

Amongst the HEI properties where the PoS systems were compromised are Marriott Fullerton at California State University, Detroit Marriott Southfield, Renaissance Fort Lauderdale Port Everglades Hotel, Marriott Dallas/Fort Worth Hotel & Golf Club at Champions Circle, Atlanta Marriott at Norcross, Sheraton Crystal City Hotel, The Westin Minneapolis, The Equinox, a Luxury Collection Golf Resort & Spa, Sheraton Music City Hotel, and the Westin St. Louis Hotel.

It looks like hackers are increasingly targeting vulnerable systems at hotels. Back in June a similar breach affected customers of 21 properties owned by Destination Hotels & Resorts.

Credit: News

Share this item with others:

More on CyberInsecure:
  • Radisson Hotels Breached, Sensitive Customer Data Exposed
  • Best Western Hotel Online Booking Breached, 8 Million Victims In Personal Data Theft
  • Disk Containing Data on 17 Million T-Mobile Customers Missing, The Data Is For Sale
  • Stolen Credit Cards For Sale
  • Scammers Scrape RAM For Bank Card Data

  • If you found this information useful, consider linking to it from your own website.
    Just copy and paste the code below into your website (Ctrl+C to copy)
    It will look like this: HEI Hotels & Resorts Point-of-Sale Systems Breached, Credit Card Data Stolen

    Leave a Reply

    Comments with unsolicited links to other resources will be marked as spam. DO NOT leave links in comments. Please leave your real email, it wont be published.

    To prove you’re a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.