The payment system at a number of properties of HEI Hospitality – the hospitality operator that runs over 30 upscale hotels across the U.S. under brand names as Marriott, Hilton, Sheraton and others – has been breached and card data of some 3,400 customers has been compromised, says Databreaches.net.
The New Hampshire Attorney General’s Office has been notified of the fact, and the customers whose data might have been stolen received a letter earlier this month notifying them of the occurrence.
In the letter – sent to a customer who stayed at the Algonquin Hotel in New York – it states that they believe that the electronic point-of sale and the property management system used at check-in was “illegally accessed and credit card transactions processed between March 25, 2010 and April 17, 2010 were potentially subject to illegal interception.”
The system is used at the restaurants, bars and gift shops of the hotel, and the compromised information includes credit card type, number, expiration date, security code and the information encoded on the magnetic stripe.
So far, they claim, there are no indications that the stolen information was misused, but they urge potential victims to keep an eye on their account statements and their credit reports. They have also provided them a one year free credit card monitoring service, which includes identity theft insurance.
Among the other hotels that were breached are the Marriott Fullerton at California State University, Detroit Marriott Southfield, Renaissance Fort Lauderdale Port Everglades Hotel, Marriott Dallas/Fort Worth Hotel & Golf Club at Champions Circle and Atlanta Marriott at Norcross, Sheraton Crystal City Hotel, The Westin Minneapolis, The Equinox, a Luxury Collection Golf Resort & Spa, Sheraton Music City Hotel, and the Westin St. Louis Hotel.