Guests at Marriott, Sheraton, and Westin hotels throughout the country have allegedly been exposed to the risk of theft as the hotel management firm White Lodging suffered a credit card data breach, the Wire reported.
Cyber security expert Brian Krebs, who first broke the story of Target's massive data breach, and retailer Neiman Marcus's less massive one, explained in a blog post that thousands of hotel patrons could have been exposed to the breach in 2013.
"Earlier this month, multiple sources in the banking industry began sharing data indicating that they were seeing a pattern of fraud on hundreds of cards that were all previously used at Marriott hotels from roughly March 23, 2013 on through the end of last year," Krebs said. "But those same sources said they were puzzled by the pattern of fraud, because it was seen only at specific Marriott hotels, including locations in Austin, Chicago Denver, Los Angeles, Louisville and Tampa. Turns out, the common thread among all of those Marriott locations is that they are managed by Merrillville, Indiana-based White Lodging Services Corporation."
Although White Lodging hasn't issued much of a response to the report, they said that an investigation is underway. According to Krebs, the firm manages 168 hotels across 21 states.
According to the Wire, Marriott has responded with a more extensive statement on one of its franchisees which the company states has seen "unusual fraud patterns."
"They are in the midst of the investigation and are in close contact with the banks and credit cards companies. We are working closely with the franchisee as they investigate the matter. Because the suspected breach did not impact any systems that Marriott owns or controls, we do not have additional information to provide."
Krebs said that his sources report the fraud largely affected gift shops, restaurants and other properties within hotels, but not the hotel management systems themselves, the Wire reported.
According to The New York Times, the Secret Service could not comment on whether they were looking into the hotel system breach.
"The Target data breach is turning out to be one of the largest in American retail history, and could point to a more general failing on the part of credit card security, which would explain why retailers are not the only ones suffering from security breaches. The problem goes much deeper than stores or your wallet," the Wire reported.
