Hilton would not disclose whether data was taken, but warned anyone who used credit cards at Hilton Worldwide hotels between November 18 and December 5 of last year or April 21 and July 27 of this year to watch for irregular activity in their accounts.
Information swiped by malicious code that infected systems included credit card holders’ names along with card numbers, security codes and expiration dates, Hilton global brands executive vice president Jim Holthouser said in an online post on Tuesday.
The hackers did not get people’s addresses or personal identification numbers, according to Holthouser.
Hilton said that it is investigating the breach with the help of third-party forensics experts, law enforcement and payment card companies.
The announcement came just four days after Starwood Hotels, which operates the Sheraton and Westin chains, said hackers had infected payment systems in some of its establishments, potentially leaking customer credit card data.
The hack occurred at A “limited number” of its hotels in North America, according to Starwood, whose other well-known chains include St Regis and W Hotels.
Starwood said an investigation by forensic experts concluded that malware was detected in some restaurants, gift shops and other points-of-sale systems at hotels.
“The malware was designed to collect certain payment card information, including cardholder name, payment card number, security code and expiration date,” the group said in a statement.
Make your contribution to independent news
A donation of any size to InDaily goes directly to helping our journalists uncover the facts. South Australia needs more than one voice to guide it forward, and we’d truly appreciate your contribution. Please click below to donate to InDaily.