Hotel Data Breach Affects Properties in 10 States and D.C.
If you used a credit or debit card at one of 20 hotels operated by HEI Hotels & Resorts from March 2015 through June 2016, you might be the unwitting victim of a hotel data breach. The affected properties include several well-known brands, such as Starwood, Marriott, IHG and Hyatt, located in 10 states and the District of Columbia.
HEI says the security incident’s timeframe varied by property. Overall, the incident started in March 2015 and was discovered in late June 2016.
What data is at risk?
HEI says unauthorized individuals installed malicious software, or malware, on payment processing systems at the hotels. The malware can capture payment card information at the point of purchase. In this case, HEI says the captured information could have included:
- Cardholder’s name
- Account number
- Expiration date
- Verification code
Are you a victim?
If you think you might have been a customer at any of the affected properties, it’s worth going through your financial statements to make sure all the transactions are yours. In fact, it makes sense to review your transactions regularly, because you never know when a business you frequent may suffer a data breach.
There are steps you can take to help protect your personal information, which include paying with a credit card instead of a debit card. And, when it comes to traveling, carrying only one payment card—as opposed to several—can save you lots of pain if your wallet or purse is lost or stolen.
Editor’s note: This content was lightly edited and updated on Feb. 5, 2018.
Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.