HEI Hotels & Resorts, the company behind Hyatt, Sheraton, Marriott, Westin and other hotels, has reported a breach in their computer systems. The breach affected 20 hotels in ten states across the U.S. During this security incident the credit and debit cards used at some of their hotels may have been affected.
People who used their credit or debit cards while staying at or visiting the compromised hotels in the HEI Hotels & Resorts portfolio may have had key information accessed by hackers, including their name, card expiration date, card verification code and card account number. HEI Hotels & Resorts does not store payment card PIN numbers so they were not affected.
People who used their credit cards on the premises of the affected hotels at gift shop, restaurant or spa could have been compromised. They have posted a full list of the affected hotels on their website.
After being alerted to a possible breach they conducted an independent forensic investigation finding that their systems had been compromised by malware and took steps to shut it down.
They updated and reconfigured their payment card processing and point-of-sale systems to upgrade their security. The investigation on this breach is ongoing and they are working with law enforcement.
What if I stayed there?
HEI Hotels & Resorts suggests that people who visited any of the affected hotels and used their credit cards on the premises check their credit and debit card statements, and if they see any unusual activity contact their issuers immediately.
They also suggest if people see any unusual activity on their credit report to contact their local police in order to file a report on identity theft. They also suggest getting a copy of the report. To help people get more information about Identity theft protection they have a website.
HEI Hotels & Resorts owns more that 50 hotels located throughout the U.S.