Hotel Data Breach Affects Properties in 10 States and D.C.
If you used a credit or debit card at one of 20 hotels operated by HEI Hotels & Resorts from March 2015 through June 2016, you might be the unwitting victim of a hotel data breach. The affected properties include several well-known brands, such as Starwood, Marriott, IHG and Hyatt, located in 10 states and the District of Columbia.
HEI says the security incident’s timeframe varied by property. Overall, the incident started in March 2015 and was discovered in late June 2016.
What data is at risk?
HEI says unauthorized individuals installed malicious software, or malware, on payment processing systems at the hotels. The malware can capture payment card information at the point of purchase. In this case, HEI says the captured information could have included:
- Cardholder’s name
- Account number
- Expiration date
- Verification code
Are you a victim?
If you think you might have been a customer at any of the affected properties, it’s worth going through your financial statements to make sure all the transactions are yours. In fact, it makes sense to review your transactions regularly, because you never know when a business you frequent may suffer a data breach.
There are steps you can take to help protect your personal information, which include paying with a credit card instead of a debit card. And, when it comes to traveling, carrying only one payment card—as opposed to several—can save you lots of pain if your wallet or purse is lost or stolen.
Editor’s note: This content was lightly edited and updated on Feb. 5, 2018.
Editorial note: Our articles provide educational information for you. Norton LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.