Hilton would not disclose whether data was taken, but warned anyone who used credit cards at Hilton Worldwide hotels between November 18 and December 5 of last year or April 21 and July 27 of this year to watch for irregular activity in their accounts.
Information swiped by malicious code that infected systems included credit card holders’ names along with card numbers, security codes and expiration dates, Hilton global brands executive vice president Jim Holthouser said in an online post on Tuesday.
The hackers did not get people’s addresses or personal identification numbers, according to Holthouser.
Hilton said that it is investigating the breach with the help of third-party forensics experts, law enforcement and payment card companies.
The announcement came just four days after Starwood Hotels, which operates the Sheraton and Westin chains, said hackers had infected payment systems in some of its establishments, potentially leaking customer credit card data.
The hack occurred at A “limited number” of its hotels in North America, according to Starwood, whose other well-known chains include St Regis and W Hotels.
Starwood said an investigation by forensic experts concluded that malware was detected in some restaurants, gift shops and other points-of-sale systems at hotels.
“The malware was designed to collect certain payment card information, including cardholder name, payment card number, security code and expiration date,” the group said in a statement.
Help our journalists uncover the facts
In times like these InDaily provides valuable, local independent journalism in South Australia. As a news organisation it offers an alternative to The Advertiser, a different voice and a closer look at what is happening in our city and state for free. Any contribution to help fund our work is appreciated. Please click below to donate to InDaily.