Starwood Hotels has been affected by a malware attack while Marriott International has issued a warning about “scamming” phone calls.
Starwood, which is set to be taken over by Marriott in a $12.2 billion deal, admitted it had found malware inside some of its point-of-sale payment systems at 54 properties in the Americas region, including the US and Canada.
Meanwhile, Marriott has issued a warning about “fraudulent” telephone calls where the caller offers a free stay at a Marriott hotel to encourage consumers to listen to a sales pitch, which is not related to the hotel company.
Starwood said that its security breach had seen systems at the 54 North American properties, including several Sheraton, Westin and W hotels, being infected by malware, which affected some payment systems at restaurants, gift shops and other point-of-sale terminals within these hotels.
The company said that this malware had allowed unauthorised parties access to the card data of some customers, including cardholder name, payment card number, security code and expiration date. The malware was present on systems for periods ranging from one day to several months between November 2014 and October 2015.
But Starwood said there was “no evidence” that information such as PINs and contact details had been compromised.
Sergio Rivera, Starwood’s president for the Americas, said: “Protecting our customers’ information is critically important to Starwood and we take this issue extremely seriously.
“Quickly after we became aware of the possible issue, we took prompt action to determine the facts. We have been working closely with law enforcement authorities and have been coordinating our efforts with the payment card organisations.
“We want to assure our customers that we have implemented additional security measures to help prevent this type of crime from reoccurring.”
See full details of the Starwood hotels affected by the security breach.
Marriott warned customers about “scamming” phone calls being made around the world offering a stay at one of the chain’s hotels to listen to sales pitch.
The company said in a statement: “Marriott International has a longstanding commitment to protecting the privacy of the personal information that is entrusted to us.
“Marriott has not provided any information to the parties involved in these fraudulent calls. If you receive a suspicious telephone call, especially for a contest you did not enter, we urge you not to provide any personal information, especially credit card information. Instead, simply end the phone call.”