One of the biggest hotel chains in the world is now investigating a possible breach in security, which would mean millions of Hilton Worldwide customer credit card numbers could potentially be compromised.
As reported by NBC News, Hilton has reported that the possible breach came as a result of hackers accessing information through multiple Hilton Hotel properties across the United States. It’s not currently clear how many Hilton hotels were affected by the cyber attacks, but the sheer number of Hilton properties could mean massive amounts of stolen customer data.
The possible breach could have begun as far back as last November, putting millions at risk of compromised credit card information. While Hilton Hotels is still investigating the security breach to confirm whether or not it actually happened, Komando reports that things are not looking good. In addition to Hilton Hotel properties, many subsidiaries were also hit, including Doubletree, Embassy Suites, Hampton Inn, and the Waldorf Astoria Hotels and Resorts. The statement issued by Hilton Hotels suggests that the company is handling the possible breach as a serious concern, most likely because it is one.
“Hilton Worldwide is strongly committed to protecting our customers’ credit card information. We have many systems in place and work with some of the top experts in the field to address data security. Unfortunately the possibility of fraudulent credit card activity is all too common for every company in today’s marketplace. We take any potential issue very seriously, and we are looking into this matter.”
The possible breach was first discovered by the Visa credit card company, who sent multiple confidential fraud reports to financial institutions claiming that a number of credit card numbers had possibly been compromised. They claimed that a large company had been affected by the possible breach, but did not name which entity due to Visa privacy policies. All of the stolen credit card information had a common link: they could all be traced back to Hilton Hotels. The attacks specifically originated from point-of-sale registers within Hilton Hotel restaurants and gift shops.
According to Krebs On Security, this is a different kind of attack than the previous breaches in hotel security that hit Mandarin Oriental and White Lodging properties by exploiting the guest reservation systems. The Hilton Hotel hackers targeted specific cash registers within coffee shops and cafes, seemingly hijacking credit card information as transactions occurred. What’s worse is the fact that these security breaches could be ongoing, meaning that until Hilton identifies the source of the cyber attacks, more information could potentially be stolen.
“[Hilton Hotels] will have to investigate whether the stores in their establishments are up to snuff with respect to the latest card security standards, and take remedial action if not,” Krebs explained. “In the meantime, the company’s brand is likely to take a hit, even if the reservation systems within the hotels weren’t affected.”
The Hilton Hotels’ possible breach in security is still being investigated, so check back for more updates on how the story has developed.
For more on cyber attacks and security breaches, read about how the IRS itself was compromised by a group of hackers, possibly resulting in countless tax payers losing their information to criminals. Or read about how credit scammers have found new ways to steal security codes from the backs of credit cards, in addition to the credit card numbers.
Do you think Hilton Hotels was hit by a cyber attack? And if you stayed at a Hilton Hotel or a subsidiary hotel since November of 2014, do you believe this possible breach is a cause for concern?