Another Day, Another Hack: Credit Card Stealing Malware Hits Hotel Chain

The Starwood hotel chain reveals 54 of its establishments were infiltrated by malware designed to steal credit card information.

Nov 20 2015, 8:26pm

Image: Che Saitta-Zelterman

Quite literally, every day someone gets hacked. Whether that's a telecommunications company having its customer data stolen, or another chain of businesses being ripped for all the credit cards it processes, today one hack just seems to melt into another.

That's why we're launching this new format: Another Day, Another Hack. We'll do short posts giving you what you need to know about the hack, so you can figure out whether your bank account, website logins or anything else might be at risk. Because, even if the hack might not be the most sophisticated, and as new data breaches fight for your attention, real people are still getting fucked over somewhere, and should know about it.

The hotel and resorts chain Starwood, one of the largest in the world with more than 1,200 properties, revealed on Friday that 54 of its hotels were hit with malware designed to collect debit or credit card information such as names, numbers, security codes and expiration dates.

The attack targeted "some point of sale systems" at restaurants gift shops and "other" systems, but "there's no indication" that it also affected the guest reservation system, according to a letter to customers published by Starwood.

The hotel chain also released a list of all the hotels and resorts affected, as well as the dates those establishments were exposed to the malware.

"We sincerely regret any inconvenience this may cause," Starwood's president for the Americas wrote. "We take our obligation to safeguard personal information very seriously and are alerting affected customers about this incident so they can take steps to help protect their information."

Starwood, as is customary in these cases, is offering a free year of identity theft and credit monitoring services for the affected victims, though it's unclear at this point how many people were hit by this attack.

The lesson: Point-of-sale malware has been hitting several big chain hotels. As a consumer, there's not much you can do other than go full paranoid and not use credit cards, which we advise against. The lesson here is to be on the lookout and monitor your account closely for potential fraud.

Another day, another hack.