November 24, 2015 by

Over 50 Starwood Hotels Struck by Credit Card Malware

Starwood Hotels and Resorts Worldwide has revealed that its point-of-sale systems located at more than 50 Starwood Hotels have been compromised in a credit card breach due to a malware.

Starwoold Hotels has announced that malware authors have gained access to debit and credit card details of shoppers who used the restaurants and stores at a total of 54 hotels that includes Sheraton and Westin hotel properties. The hotels are spread across Canada and the United States with the breach revealed to have started as early as November 2014 and continuing all the way up to April or May when it was discovered.

Starwood has published a complete list of affected properties, over 50 of them, here.

The revelation was made in an investor briefing where Starwood Hotels and Resorts noted that the guest reservation systems showed no indication of being affected as a part of the breach.

The malware was designed to collect details including:

  • Card holder name
  • Payment card number
  • Security code
  • Expiration date.

Sergio Reivera, President of Starwood in the Americas said:

Protecting our customers’ information is critically important to Starwood and we take this issue extremely seriously.

Quickly after we became aware of the possible issue, we took prompt action to determine the facts. We have been working closely with law enforcement authorities and have been coordinating our efforts with the payment card organizations.

Starwood also adds that any customers who may have dined or shopped in their properties are advised to review and monitor their card statements to check for irregular activity or fraudulent transactions.

Related article: Hackers Hit Hilton Hotels with a Credit Card Breach

Malware-driven credit card frauds targeting point-of-sale systems have been particularly menacing for hotel chains in recent times.

It was only last month when the Trump Hotel Collection revealed a credit card breach affecting its establishment across multiple properties. Similarly, another breach targeting the Hilton Hotel chain also breached credit and debit card fraud that were traced back to gift shops and restaurants, similar to the present Starwood hotels breach.

Lifars recommends its readers to look into their card statements closely for any irregular activity. Although you aren’t liable for fraud, it’s still upon you to spot fraudulent transactions to let your card issuer or bank know of the unauthorized transactions immediately.


About the author

Image of Author

LIFARS is a digital forensics and cybersecurity intelligence firm based in New York City. LIFARS is ranked as one of the top Digital Forensics and Cyber Investigations companies in 2016 and as one of the top cybersecurity companies in the New York metropolitan area for 2015 on the Cybersecurity 500 – a directory of the hottest and most innovative companies to watch in the cybersecurity industry.

Related articles

Security Researchers Discover Trove of 1.4 Billion Credentials

Security researchers at dark web monitoring firm 4iQ have stumbled upon a massive 41GB data file of...

Read more arrow_forward

Gartner Research: Cybersecurity Spending to Hit $96 Billion in 2018

Gartner has predicted worldwide security spending to increase by 8% in 2018 to hit a staggering $96...

Read more arrow_forward

Uber Paid 20-Year-old Florida Man to Destroy Data as ‘Bug Bounty’ Program

Uber has reportedly paid $100,000 as a pay-off to a hacker who stole the personal data of some 57...

Read more arrow_forward