Luxury hotel chain Omni Hotels & Resorts said some if its 60 properties were hit by point-of-sale malware designed to steal payment card information.
While the company did not say how many of its locations were found harboring the threat, it’s not the first time PoS malware has been gunning for hotels and retailers. Hyatt Hotels, Target, Starwood Hotels & Resorts Worldwide and Hilton Worldwide Holdings are only some of the victims of this type of malware.
“On May 30, 2016, we discovered we were the victim of malware attacks on our network affecting specific point of sale systems on-site at some Omni properties,” reads the company’s official statement. “The malware was designed to collect certain payment card information, including cardholder name, credit/debit card number, security code and expiration date.”
Findings of the investigation suggest the malware was active between December 23 2015 and June 14 2016, while some systems might have been compromised for a shorter amount of time than that. There’s also indication that some of the collected information has been used by cybercriminals for online purchases, but Omni Hotels reassured it’s customers that only PoS transactions might have been intercepted, and not online payments.
“Accordingly, if you did not physically present your payment card at a point of sale system at one of the affected Omni locations, we do not believe your payment card was affected,” said Omnia. “Additionally, there is no evidence that other customer information, such as contact information, Social Security numbers or PINs, were affected by this issue.”
The statement goes on stating that customers that have visited any of the hotels locations within the aforementioned timeframe are encouraged to start checking their card statements for any suspicious payments or suspicious transactions.