In the wake of Target, Neiman Marcus and Michaels, White Lodging Services Corp is the latest to investigate a suspected data breach at 14 food and beverages outlets. It incorporates seven Marriott, two Holiday Inn, and two Renaissance hotels, one Sheraton, one Westin and one Radisson across the states of Illinois, Texas, Pennsylvania Colorado, Texas, Indiana, Virginia, Kentucky, Florida and Colorado.
However, at Radisson Star Plaza in Merrillville, Ind., the breach could have gone afar food and beverages outlets into the property management system that manages guest’s credit card information.
It is suspected that the security breach may have compromised credit and debit card information of customers who stayed at properties between the nine months period of March 20 – December 16 last year. Information such as customer’s name, credit or debit card numbers, the actual numbers, expiration date, and the three digit CVV security code may have been unlawfully accessed.
White Lodging immediately contacted federal law enforcement officials and commenced a review of all its other properties. It also contacted the financial institutions that deal into issue-reissue and monitoring of credit and debit card frauds.
The company said that, guests who didn’t use their card at restaurants and lounges as well as those who used their room accounts for purchases from outlets were not affected.
White Lodgings is arranging to proffer its affected customers one year of complimentary identity protection services and is also encouraging card holders to place fraud alert on their files. Marriott International said in a statement that the suspected breach did not impact any systems that Marriott owns or controls, but it was closely monitoring the situation. Hyatt stated that none of its five White Lodgings hotels were believed to have been affected.
The FBI sent a confidential three page report to retail companies encompassing of risks that memory-parsing malware pose which affect POS systems, including cash registers, credit-card swiping machines found in store checkout aisles.
Chronology of Data Breach at Retailers
The biggest data incursion in the history of cyber attacks involving the No. 3 US retailer Target Corp., affected 70million to 110million from November 27 through December 15 last year. Investigators deem that the data was attained through software installed on machines that customers use to swipe magnetic strips on their cards when shelling out for merchandise at Target stores. Neiman Marcus Group Ltd. Recently announced that the security breach last year may have affected about 1.1million cards. Both Target and Neiman Marcus were affected by malicious software installed on machines to steal payment card data. Based on preliminary investigations and in consideration of recent Target and Neiman Marcus breaches, Michaels Stores Inc. is currently working with investigators of the possibility of potential data breach. Analysts articulate that Target could face $400 million to $1.1 billion in fines from data breach, loss of sales and customer confidence. Seeing that 2013, the year of data breaches continue to send shockwaves across 2014, security experts warn dozens of companies globally to be affected.