Menu
White Lodging Services confirms second payment card breach

White Lodging Services confirms second payment card breach

Security measures put in place after a first breach last year failed to stop hackers from striking again

A large hotel management company has confirmed a second payment card breach in less than 14 months, underscoring the difficulties businesses are having with data thieves.

White Lodging Services said the second breach was detected on Jan. 27 after unusual payment card activity was discovered on credit cards used at four Marriott-branded hotels. The compromised data includes customer names, card numbers, security codes and expiration dates, it said in a statement.

The Merrillville, Indiana-based company manages hotels under agreements with hotels owners and is a separate entity from the specific hotel brands it operates.

In February 2014, White Lodging said point-of-sale systems at restaurants and lounges on 14 of its properties were compromised between March 20, 2013 and Dec. 16, 2013. The same systems were targeted this time around, although the company said the latest breach was not related to the previous one.

Those affected are customers who used their cards at food and beverage outlets between July 2, 2014, and Feb. 6, 2015, in 10 hotels, which were eight Marriotts, one Courtyard and one Renaissance.

The property management system used to process room charges at front desks do not appear to be affected, White Lodging said.

White Lodging is just one of many business, including Target, Neiman Marcus and Home Depot, which have been struck by point-of-sale malware. The malware collects payment card data immediately after a card is swiped and the details sit unencrypted in a computer's RAM.

White Lodging's problems appear to be a combination of bad luck and very persistent hackers. After its first data breach, White Lodging said it hired a third-party security firm, which it did not identity, to help shore up its systems.

"Unfortunately, the security measures put in place did not stop the implantation of malware on point-of-sale systems at food and beverage outlets in select hotels we manage," it said.

Law enforcement has been notified, and no arrests have been made, White Lodging said. The company didn't say if it suspected the same hacker or group of hackers was behind the latest attack.

Arrests and prosecutions of suspects related to point-of-sale attacks have been rare, as many times the hackers are believed to be outside the U.S.

While law enforcement agencies in different countries are cooperating with more efficiency these days, cross-border cybercrime investigations can still be slow and complicated.

Extraditing suspects is also not possible from some countries. For example, the U.S. does not have extradition treaties with China or Russia, two nations often accused of hosting cybercriminal activity.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags White Lodging Servicessecuritydata breachmalware

Slideshows

Top 50 defining moments of the New Zealand channel in 2016

Top 50 defining moments of the New Zealand channel in 2016

Reseller News looks back on a tumultuous 12 months for the New Zealand channel, assessing the fallout from a year of sizeable industry change. Whether it be local or global mergers and acquisitions, distribution deals or job changes, the channel that started the year differs somewhat to the one set to finish it - Reseller News assesses the key moments that made 2016.​

Top 50 defining moments of the New Zealand channel in 2016
​Hewlett Packard Enterprise honours high achieving NZ channel

​Hewlett Packard Enterprise honours high achieving NZ channel

Hewlett Packard Enterprise honoured its top performing Kiwi partners at the second running of its HPE Partner Awards in New Zealand, held at a glitzy ceremony in Auckland. Recognising excellence across eight categories - from distributors to resellers - the tech giant celebrated its first year as a standalone company, following its official split from HP in 2015.

​Hewlett Packard Enterprise honours high achieving NZ channel
Nutanix treats channel partners to Christmas cruise

Nutanix treats channel partners to Christmas cruise

Nutanix recently took to the seas for a Christmas Cruise around Sydney Harbour with its Australia and New Zealand staff, customers and partners to celebrate a stellar year for the vendor. With the sun out, they were all smiles and mingled over drinks and food.

Nutanix treats channel partners to Christmas cruise
Show Comments