Following the large-scale data breaches at retail stores including Target and Neiman Marcus, it now appears that hotels were similarly targeted. White Lodging, a hotel management company that maintains a portfolio of Marriott, Hilton, and Starwood properties is investigating a data breach that affected POS systems at 14 of the company’s properties.
The suspected breach took place between March 20 and Dec. 16, 2013 and is believed to have been contained to the food and beverage outlets at the hotels. In addition, there is one property—the Radisson Star Plaza in Merrillville, Ind.— where the point of sale system and property management system are both suspected to have fallen prey to the breach.
The accessed data may have included names printed on customers’ credit or debit cards, credit or debit card numbers, the security code, and card expiration dates. Guests who used or visited the affected businesses during the nine month-period and who used a credit or debit card to pay their bills at the outlets might have had such information compromised and White Lodging is encouraging consumers to review their statements from that time period.
The affected properties include: Marriott Midway, Chicago, Ill.; Holiday Inn Midway, Chicago, Ill.; Holiday Inn Austin Northwest, Austin, Texas; Sheraton Erie Bayfront, Erie, Pa.; Westin Austin at the Domain, Austin, Texas; Marriott Boulder, Boulder, Colo.; Marriott Denver South, Denver, Colo.; Marriott Austin South, Austin, Texas; Marriott Indianapolis Downtown, Indianapolis, Ind.; Marriott Richmond Downtown, Richmond, Va.; Marriott Louisville Downtown, Louisville Ky.; Renaissance Plantation, Plantation, Fla.; Renaissance Broomfield Flatiron, Broomfield, Colo.; Radisson Star Plaza, Merrillville, Ind.
In a statement released by Marriott in response to the breach, the hotel company said: “We are working closely with the franchise management company as they investigate the matter. Since this impacts customers of Marriott properties, we want to provide assurance that Marriott has a long-standing commitment to protect the privacy of the personal information that our guests entrust to us, and we will continue to monitor the situation closely.”
White Lodging also released a statement saying: “We deeply regret and apologize for any inconvenience caused by this incident and remain committed to protecting all information entrusted to us by our guests.”
White Lodging says that is will continue to provide updated information on its website www.whitelodging.com.