November 24, 2015 by

Over 50 Starwood Hotels Struck by Credit Card Malware

Starwood Hotels and Resorts Worldwide has revealed that its point-of-sale systems located at more than 50 Starwood Hotels have been compromised in a credit card breach due to a malware.

Starwoold Hotels has announced that malware authors have gained access to debit and credit card details of shoppers who used the restaurants and stores at a total of 54 hotels that includes Sheraton and Westin hotel properties. The hotels are spread across Canada and the United States with the breach revealed to have started as early as November 2014 and continuing all the way up to April or May when it was discovered.

Starwood has published a complete list of affected properties, over 50 of them, here.

The revelation was made in an investor briefing where Starwood Hotels and Resorts noted that the guest reservation systems showed no indication of being affected as a part of the breach.

The malware was designed to collect details including:

  • Card holder name
  • Payment card number
  • Security code
  • Expiration date.

Sergio Reivera, President of Starwood in the Americas said:

Protecting our customers’ information is critically important to Starwood and we take this issue extremely seriously.

Quickly after we became aware of the possible issue, we took prompt action to determine the facts. We have been working closely with law enforcement authorities and have been coordinating our efforts with the payment card organizations.

Starwood also adds that any customers who may have dined or shopped in their properties are advised to review and monitor their card statements to check for irregular activity or fraudulent transactions.

Related article: Hackers Hit Hilton Hotels with a Credit Card Breach

Malware-driven credit card frauds targeting point-of-sale systems have been particularly menacing for hotel chains in recent times.

It was only last month when the Trump Hotel Collection revealed a credit card breach affecting its establishment across multiple properties. Similarly, another breach targeting the Hilton Hotel chain also breached credit and debit card fraud that were traced back to gift shops and restaurants, similar to the present Starwood hotels breach.

Lifars recommends its readers to look into their card statements closely for any irregular activity. Although you aren’t liable for fraud, it’s still upon you to spot fraudulent transactions to let your card issuer or bank know of the unauthorized transactions immediately.


About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

Fake SWIFT Service Emails Delivers Adwind Remote Access Trojan

An email phishing campaign has attempted to infect unsuspecting victims with the Adwind...

Read more arrow_forward

Tesla’s Cloud Account Hacked to Mine Cryptocurrency

Tesla’s cloud environment has been exploited by hackers who used the computational power to mine...

Read more arrow_forward

Snapchat Phishing Attack Swipes Credentials of Over 50,000 USers

Details have emerged on a phishing attack which saw hackers steal the credentials of over 50,000...

Read more arrow_forward