Marriott franchisee reveals cyber breach lasting seven monthsPosted On: Apr. 9, 2015 12:00 AM CST
A hotel management company said there has been a suspected seven-months-long cyber breach in the point-of-sale systems at food and beverage outlets at 10 of its hotels, primarily establishments it operates as a franchisee for Marriott International Inc.
Merrillville, Indiana-based White Lodging Services Corp. on Wednesday said the breach occurred between July 3, 2014, and Feb. 6, 2015, and the breached data includes names printed on customers' credit or debit cards, card numbers, their security codes and the cards' expiration dates.
The company said preliminary results of a forensic review indicate systems used at its hotels' front desks were not affected by the breach. Guests who charged to their room account at these outlets are also not believed to be affected.
“After suffering a malware incident in 2014, we took various actions to prevent a recurrence, including engaging a third-party security firm to provide security technology and managed services,” Dave Sibley, president and CEO of hospitality management at the independent hotel management company, said in a statement. “These security measures were unable to stop the current malware occurrence on point-of-sale systems at food and beverage outlets in 10 hotels that we manage. We continue to remain committed to investing in the measures necessary to protect the personal information entrusted to us by our valuable guests. We deeply regret and apologize for this situation.”
The company is offering one-year complimentary fraud resolution and identity protection services in connection with the breach, which is being investigated.
Seven of the 10 hotels are operated by White Lodging as a franchisee of Bethesda-Maryland-based Marriott. The food and beverage outlets affected are located at:
• Indianapolis Marriott Downtown, Indianapolis
• Chicago Marriott Midway Airport, Chicago
• Auburn Hills Marriott Pontiac at Centerpoint, Pontiac, Michigan
• Austin Marriott South Airport, Austin, Texas
• Boulder Marriott, Boulder, Colorado
• Denver Marriott South at Park Meadows, Denver
• Louisville Marriott Downtown, Louisville, Kentucky
• Renaissance Boulder Flatiron, Broomfield, Colorado
• Courtyard Austin Downtown, Austin, Texas
• Sheraton Hotel Erie Bayfront, Erie, Pennsylvania
A company spokesman could not be reached for further comment.
There has been litigation between the Federal Trade Commission and Parsippany, New Jersey-based hotel chain Wyndham Worldwide Corp. over three breaches at the hotel chain that occurred between April, 2008 and January 2010.