Payment card incidents are reported by Kimpton Hotels & Restaurants and Noble House Hotels & Resorts. In July and August, data breaches in more than 30 hotels has been detected. The U.S. Secret Services notified Noble House about ‘possible fraudulent activities’. Kimpton received such a report, too. Other hotels could be affected, too, i.e. Hutton Hotel in Nashville.
“Findings from the investigation show that malware was installed on servers that processed payment cards used at the restaurants and front desks of some of our hotels. The malware searched for track data read from the magnetic stripe of a payment card as it was being routed through the affected server. The malware primarily found track data that contained the card number, expiration date, and internal verification code, but in a small number of instances it may have found the track that also contains the cardholder name,” Kimpton reported in a new release.
This incident involved cards used at certain restaurants and hotel front desks from February 16, 2016 to July 7, 2016. A list of the affected hotel front desks and restaurants, along with the specific time frames for each (times vary by location) is located at www.kimptonhotels.com/protectingourguests.
At several hotels runned by Noble in California and Florida malware may have been installed on payment processing systems. The list of affected properties is published here.