Device Hardening and Continuous Compliance Monitoring CONTINUOUS COMPLIANCE
PCI POS breach

The California based hotel company, Evans Hotels, has become a recent victim of compromised payment card data.

Evans Hotels- which operates the Bahia Resort Hotel, Catamaran Resort Hotel & Spa, and The Lodge at Torrey Pines- admitted to having used back-up card readers that do not encrypt credit card data when swiped. To add accident to injury, they later discover that malware had been installed on the front desk computers of all properties.

The number of victims affected by this POS breach is currently uncertain, but Evans Hotel has determined that cards swiped through the back-up readers between September 2014 and March 5 2015 may have had their credentials compromised.

The backup payment card readers have since been removed from all properties and the hotel chain is working with a computer security firm to implement additional security initiatives.

An announcement recently published on the Evans Hotel website stated, “We worked extensively to identify only those guests whose cards were swiped through the backup readers during this time frame, but we were not able to reliably make that distinction from our records. Because we were not able to specifically identify the small percentage of guests whose cards were swiped through the backup readers, if you used a card at one of our properties during this time frame, we recommend that you regularly review your account statement for any unauthorized activity”.

According to the Verizon 2014 Data Breach Investigations Report, industries most commonly affected by POS intrusions often include: Restaurants, hotels & grocery stores. It’s vitally important that hospitality organizations both large and small take the initiative to implement security solutions like File Integrity Monitoring and Change & Configuration Management within their IT environments to help protect their customer’s credentials & information from a possible breach.


See more on PCI DSS Compliance

Read the full release on the Evans Hotel Website

You can read the full article on SC Magazine here

Share this blog post

USA Offices
New Net Technologies Ltd
9128 Strada Place
Naples, Florida, 34108
201 17th Street, Suite 300
Atlanta, Georgia, 30363.

Tel: 1-888-898-0674
NNT Logo
UK Office
New Net Technologies Ltd
Spectrum House, Dunstable Road
St Albans


Tel: 08456 585 005
Fax: 08456 122 031
Connect with NNT
Google+ Linkedin Twitter - Change Tracker Facebook rss feed YouTube
Sign up to NNT's IT security and compliance monthly newsletter. Get breaking security news, how-to tips, trends and commentary direct to your inbox.