Just weeks after its announced acquisition by Marriott International, Starwood Hotels and Resorts Worldwide is warning customers of a possible credit card breach.
The hotel chain published a list of over 50 locations that were impacted in the breach. Though some of Starwood's other locations were compromised, the security issues seemed targeted at three of the company's most prominent brands: Sheraton, W and Westin. Hotels all over the U.S. were included in the list, as well as two hotels in Montreal and one in Puerto Rico.
Impacted dates vary by location. The bulk of the incidents began in either early November 2014 or on March 2 of this year. Most of the breaches ceased between this past April and June, but one particular location, the French Quarter W in New Orleans, lasted until late October 2015.
Similarly to other prior hotel breaches, security leak was a result of malware on point of sale systems mainly in restaurants and gift shops located on the premises. In a letter written to customers, the president of Starwood in the Americas, Sergio Rivera, explained that the hack collected the cardholder's name and credit card number, as well as the corresponding security code and expiration date. There is currently no indication that reservation or the Starwood Preferred Guest membership systems were affected.
"We sincerely regret any inconvenience this may cause. We take our obligation to safeguard personal information very seriously and are alerting affected customers about this incident so they can take steps to help protect their information," wrote Rivera in the letter.
Situations like this are where disaster recovery plans are helpful. To find help in developing a plan for your business, consider seeking the advise of a disaster recovery planning consultant.