In the past few weeks, reports from several players in the banking industry have revealed that hackers may have gained entry into the financial system of the Hilton Hotel. The revelations indicate that the customers of the luxury hotel chain and its entities within the United States may have fallen victim to credit card fraud. This is due to the alleged infiltration by hackers into their point of sale registers not only at restaurants but also at gift shops. Following this claim, the hotel’s management has indicated that it has launched an investigation into the matter.
In the month of August, Visa warned a large number of banks that the financial system of an unnamed brick and mortar entity may have been compromised between 21st April and 27th July 2015. In addition to the alerts, the credit card provider gave each of the banks the card numbers that may have been defrauded. However, Visa failed to give the name of the specific entity whose system had been compromised in accordance with its confidentiality policy. This means that it was up to the institutions themselves to discover the origin and cause of such breaches.
Despite this, the investigations by five different banks have led to a common link between all the compromised cards: They made transactions at one or more of Hilton properties. It has emerged that the breach was widespread and affected several of its entities. These included its flagship locations, Hampton Inn and Suites, Doubletree, Embassy Suites and the upscale Waldorf Astoria Hotels & Resorts. A spokesperson for the company reiterated by way of a written statement that it is investigating it.
“Hilton Worldwide is strongly committed to protecting our customers’ credit card information,” said the spokesperson. Furthermore, the company indicated that it has a set of advanced security systems as well as experts in the field to guarantee customers of the security of their credit card information. The spokesperson concluded that, “Unfortunately the possibility of fraudulent credit card activity is all too common for every company in today’s marketplace. We take any potential issue very seriously, and we are looking into this matter.”
The compromise follows the pattern of similar ones in the recent past such as the credit card breaches in entities of including Mandarin Oriental and White Lodging hotels. The breaches are not related in any way to the guest reservation systems but seem to originate from point of sale devices. These devices are those which are located in a wide array of entities including franchised restaurants, coffee bars and gift shops in Hilton properties. This implies that the rest of the entities within the chain may not have been compromised.
This is still a developing story and the actual number of Hilton properties that may have been compromised is not known. A number of key players within the financial sector have indicated to KrebsOnSecurity that the breach may go as far back as November 2014 and might still be taking place.
Logo Pic : http://i.ndtvimg.com/i/2015-09/hilton-hotel_650x400_81443293902.jpg