Hotel giant admits customers’ credit cards compromised at 50-plus locations

Hotel room

Prayitno/Flickr (CC BY SA 2.0)

Owner of Sharaton, Westin admits customers at over 50 hotels may have had credit card info hacked.

Customers who have stayed at a Starwood-affiliated hotel recently should take a careful look at their recent credit card statements.

They include Sheraton, Westin, and W Hotels, among others in the Starwood line. The sales systems at 54 of its locations were affected with malware that shared payment information with an unknown party, Sergio Rivera, head of the company’s U.S. operations, wrote in an open letter Friday. “We sincerely regret any inconvenience this may cause,” Rivera noted.

Starwood properties tend to be luxury hotels with strong benefits for repeat customers, giving it a sort of cult following among its customers. That makes the fact that it was recently acquired by Marriott a tough pill for many customers to swallow.

The malware potentially affected customers who paid with a credit card not just for a hotel room, but also at gift shops and restaurants

The list of affected hotels includes more than 50 entries from across the United States, as well as one each in Canada and Puerto Rico. Times in which Starwood systems were affected vary by location, but range from late 2014 to the summer of 2015.

Luxury hotel chains are increasingly common targets for hackers. Notably, the five-star Trump Hotel Collection, owned by real estate mogul and Republican presidential hopeful Donald Trump, suffered a data breach that also may have compromised customers’ credit card information.

As is the corporate standard, Starwood is offering free identity protection programs and credit checks to its customers.

Photo via Prayitno/Flickr (CC BY SA 2.0)

Kevin Collier

Kevin Collier

A former senior politics reporter for the Daily Dot, Kevin Collier focuses on privacy, cybersecurity, and issues of importance to the open internet. Since leaving the Daily Dot in March 2016, he has served as a reporter for Vocativ and a cybersecurity correspondent for BuzzFeed.