Hotels Were Unknowingly Hacked For Months, Putting Thousands Of Credit Cards At Risk

[Shutterstock - David Evison]

Daily Caller News Foundation logo
Eric Lieberman Managing Editor
Font Size:

Potentially thousands of people’s personal credit card information was obtained by cybercriminals after 20 hotels across the country were unknowingly hacked for months.

HEI Hotels & Resorts, the hospitality chain that owns popular hotels like Marriott, Hyatt, and Intercontinental, released a notice Friday, informing customers and the general public about a “payment card security incident.” (RELATED: Zuckerberg HACKED, Password Literally Consisted Of Two Letters)

“Based on an independent forensic investigation, we believe that individuals were able to gain unauthorized access to certain HEI computers and may have been able to access some payment card data as it was being entered into our systems,” the company explained under a separate “Frequently Asked Questions” release.

Hackers allegedly installed malware on various payment processing systems at 20 of HEI’s hotels in order to collect names and credit card numbers, including the necessary expiration data and verification codes. The malware was able to pull credit card details from point-of-sale amenities that may not be pre-paid features, like in-house restaurants, spas and boutiques.

The hacking ensued for months unbeknownst to the managers or security units of the hotels.

This is yet another example in a series of recent and large-scale virtual breaches, impacting  organizations in all spheres of life — from government to the private sector.  (RELATED: Three Teenagers Are Making A KILLING Teaching Tech Giants How To Hack)

Here is the “List of Affected Properties” released by HEI, including the time period when the breaches likely occurred.

Follow Eric on Twitter

Send tips to

All content created by the Daily Caller News Foundation, an independent and nonpartisan newswire service, is available without charge to any legitimate news publisher that can provide a large audience. All republished articles must include our logo, our reporter’s byline and their DCNF affiliation. For any questions about our guidelines or partnering with us, please contact

Eric Lieberman