A number of Hilton Hotels and franchise properties are under investigation after multiple banks have traced a pattern of credit card fraud linked to a number of Hilton locations.
Although VISA originally identified the fraud, multiple sources in the banking industry have determined that a common fraudulent point-of-purchase for cards have one thing in common: they were all used at various Hilton properties. This includes the company’s flagship Hilton locations in addition to Embassy Suites, Doubletree, Hampton Inn and Suites, and Waldorf Astoria Hotels & Resorts.
The breach does not appear to be linked to the guest reservation system – rather, the fraud seems to stem from compromised point-of-sale devices inside of franchised restaurants, gift shops & coffee shops within the Hilton properties.
The number of customers affected is currently unknown, but the fraudulent charges have been linked to dates ranging from April 21, 2015, to July 27, 2015.
In a written statement, a Hilton spokesperson said the company is currently investigating the breach claims.
“Hilton Worldwide is strongly committed to protecting our customers’ credit card information. We have many systems in place and work with some of the top experts in the field to address data security. Unfortunately, the possibility of fraudulent credit card activity is all too common for every company in today’s marketplace. We take any potential issue very seriously, and we are looking into this matter.”
According to a report recently published by the U.S. Department of Justice, around 7% of U.S. residents fell victim to identity theft during 2014, with 86% of victims experiencing the fraudulent use of existing credit card or bank account information. These POS attacks seem to evolve and having up to date network security infrastructure & continuous monitoring is becoming more important than ever.
By having Change Tracker Gen7 deployed in an organization's IT environment, breach prevention & detection has never been easier or more affordable! NNT’s Change Tracker Gen7 provides you with real-time File Integrity Monitoring, System Hardening, Change & Configuration Management & Compliance Management to help keep your IT environment as compliant & secure as possible.
Read the full article on KrebsonSecurity