Hotel management firm White Lodging Services Corp has suffered a data breach, roughly a year after a previous data breach.
The latest breach was a malware attack against point-of-sale (POS) systems at 10 hotels. Customer data at risk includes names, payment card numbers, card security codes, and expiration dates.
Affected locations are as follows:
- Indianapolis Marriott Downtown, Indianapolis, IN
- Chicago Marriott Midway Airport, Chicago, IL
- Auburn Hills Marriott Pontiac at Centerpoint, Pontiac, MI
- Austin Marriott South Airport, Austin, TX
- Boulder Marriott, Boulder, CO
- Denver Marriott South at Park Meadows, Denver, CO
- Louisville Marriott Downtown, Louisville, KY
- Renaissance Boulder Flatiron, Broomfield, CO
- Courtyard Austin Downtown, Austin, TX
- Sheraton Hotel Erie Bayfront, Erie, PA
In a press release announcing the breach, White Lodging says: “Guests who used or visited the affected food and beverage outlets during the seven month-period and who used a credit or debit card to pay their bills at the outlets might have had such information compromised and are encouraged to review their statements from that time period.”
The press release continues: “After suffering a malware incident in 2014, we took various actions to prevent a recurrence, including engaging a third party security firm to provide security technology and managed services. These security measures were unable to stop the current malware occurrence on point of sale systems at food and beverage outlets in 10 hotels that we manage. We continue to remain committed to investing in the measures necessary to protect the personal information entrusted to us by our valuable guests. We deeply regret and apologize for this situation.”
White Lodging Services is offering the usual free credit reporting services that organizations offer when a breach happens. I’m not sure how much confidence I’d have in using one of the hotels managed by White Lodging Services, though, and I’m sure many other customers feel the same.