Hilton, Trump hotel chains hit by PoS malware

“Payment card data of visitors of a number of Hilton and Trump hotels in the US have been compromised, and some of it is being already used by crooks to rack up fraudulent charges.

A few days after Brian Krebs reported that his sources at five different banks believe that PoS registers in gift shops and restaurants at a number of Hilton Hotels across the US have been compromised, a notice on the webpage of the Trump Hotel Collection chain confirmed that malware has been found on some of their hotels’ systems.

“While the independent forensic investigator did not find evidence that information was taken from the Hotels systems, it appears that there may have been unauthorized malware access to payment card information as it was inputted into the payment card systems,” the notice says.

“Payment card data (including payment card account number, card expiration date, and security code) of individuals who used a payment card at the Hotel between May 19, 2014, and June 2, 2015, may have been affected. For transactions on the point-of-sale terminals at the Las Vegas and Waikiki properties, cardholder name may also have been affected.”

The following hotels managed by the company have been targeted: Trump SoHo New York, Trump National Doral, Trump International New York, Trump International Chicago, Trump International Waikiki, Trump International Hotel & Tower Las Vegas, and Trump International Toronto.

The company has notified the FBI and financial institutions about the incident. They have cleaned the systems of the malware and are reconfiguring various components of their network and payment systems to further secure our payment card processing systems.

Free fraud resolution and identity protection services have been offered to potentially affected users, who were notified of the matter via a letter sent by a law firm representing the company.

Unfortunately, neither the letter nor the notice on the site are dated, and they contain no details about how the compromise has been discovered or how many customers have possibly been affected. Krebs’ sources pointed to a breach back in July.

The Hilton chain is still investigating the breach, but according to the sources, sales terminals at Embassy Suites, Doubletree, Hampton Inn and Suites, and Waldorf Astoria Hotels & Resorts were compromised.”