Hackers used malware to steal customers' payment card information from Starwood hotels across the country, including some Sheraton, Westin and W hotels. Are you at risk?
Starwood Hotels & Resorts is the latest victim of a cyberattack.
The popular hotel chain said debit card- and credit card-stealing malware was discovered on payment systems at restaurants, gift shops, bars and other retail areas at 54 of its North American hotels, most of which are in the United States. The hotels’ front desks, where guests pay for their stay, were not affected by the data breach.
“We have been working closely with law enforcement authorities and coordinating our efforts with the payment card organizations to determine the facts,” Sergio Rivera, president of The Americas at Starwood Hotels, wrote in a letter to its customers. “We want to assure you that protecting the security of our customers’ personal information is a top priority for Starwood.”
This is what you should know about the Starwood Hotels’ data breach:
- Which hotels were affected: Click here to see the list of 54 Starwood hotels affected by the breach.
- When the breach occurred: The card-stealing malware infected payment systems for varying lengths of time between November 2014 and October 2015.
- Payment systems that were affected: The hotelier said its front desk payment systems weren’t affected, but its retail payment systems, including those found in the affected hotels’ restaurants, gift shops and bars were hacked.
- Information that was exposed: According to the Associated Press, the malware exposed the names, credit and debit card numbers, security codes and expiration dates. The hotelier said contact information and PIN numbers weren’t exposed.
Starwood is offering affected customers one year of free identity protection and credit monitoring services through AllClear ID.
If you’re worried that your payment information may have been exposed in the cyberattack, you should monitor your current and past account statements. Starwood also recommends that you immediately contact your bank or card issuer if you suspect your card information has been exposed.
Have you been a victim of a data breach? Share your experiences below or on our Facebook page.