Hotel management firm White Lodging seems to have had its systems compromised and the attackers managed to exfiltrate a yet unknown quantity of credit and debit card details.
The breach is still unconfirmed by the company, which is still investigating the claim and has said it will “provide meaningful information as soon as it becomes available.”
“Earlier this month, multiple sources in the banking industry began sharing data indicating that they were seeing a pattern of fraud on hundreds of cards that were all previously used at Marriott hotels from roughly March 23, 2013 on through the end of last year,” reported Brian Krebs.
“But those sames sources said they were puzzled by the pattern of fraud, because it was seen only at specific Marriott hotels, including locations in Austin, Chicago Denver, Los Angeles, Louisville and Tampa.”
Deeper researcher uncovered the common link between them: they are all operated by White Lodging.
Also, as it turns out, customers who paid for their stay at the front desk of a Marriott are not in danger or having their information misused, as the chain makes it mandatory for all its hotels – even those operated as a franchise – to use its property management system.
It is the ones who ate at the hotels’ restaurants and shopped at their gift shops that had their information stolen, and would do well to check their card statements carefully for any unauthorized charges.
White Lodging also runs hotel franchises under the Hilton, Sheraton and Westin brands, but whether their guests have been affected as well is yet to be discovered.