HEI Hotels & Resorts operates a slew of popular hotels—including Starwood, Marriott, Hyatt, and others.
If you stayed at a major hotel chain in recent months, you might want to check your credit card statement.
HEI Hotels & Resorts, which operates a slew of popular hotels—including Starwood, Marriott, Hyatt, and others—says that 20 of its properties were hacked and payment card data stolen by hackers.
The company pointed to “point-of-sale terminals, such as food and beverage outlets” as the source of the breach at properties like the Boca Raton Marriott at Boca Center, the Royal Palm South Beach Miami, and The Westin Minneapolis, among others.
“HEI was recently alerted to a potential security incident by its card processor,” the company said in a statement. “Based upon an extensive forensic investigation, it appears that unauthorized individuals installed malicious software on our payment processing systems at certain properties designed to capture payment card information as it was routed through these systems.”
According to HEI, names, payment card account numbers, expiration dates, and verification codes were stolen in the hack.
Some breaches date back to March 2015, though timing varies depending on the hotel.
HEI says it has contained the hack and safeguarded its systems.
Those who are concerned can contact the company at 888-849-1113 between 9 a.m. and 9 p.m.
ET, Monday through Friday.
“We have contacted law enforcement and will continue to cooperate with their investigation,” the company said in a statement. “We are also coordinating with the banks and payment card companies. While we are continuing to review and enhance our security measures, the incident has now been contained and customers can safely use payment cards at all HEI properties.”
Of course, corporate hacks are nothing new, and credit card data is a hot commodity on the dark Web, where stolen information is often bought and sold with bitcoin or other cryptocurrencies.
In fact, over the last several years, major retailers, from Target to smaller retailers, have been hacked and seen their credit card information stolen.