Hotel management firm breached, card details of guests stolen
Posted on 03 February 2014.
Hotel management firm White Lodging seems to have had its systems compromised and the attackers managed to exfiltrate a yet unknown quantity of credit and debit card details.

The breach is still unconfirmed by the company, which is still investigating the claim and has said it will "provide meaningful information as soon as it becomes available.”

"Earlier this month, multiple sources in the banking industry began sharing data indicating that they were seeing a pattern of fraud on hundreds of cards that were all previously used at Marriott hotels from roughly March 23, 2013 on through the end of last year," reported Brian Krebs.

"But those sames sources said they were puzzled by the pattern of fraud, because it was seen only at specific Marriott hotels, including locations in Austin, Chicago Denver, Los Angeles, Louisville and Tampa."

Deeper researcher uncovered the common link between them: they are all operated by White Lodging.

Also, as it turns out, customers who paid for their stay at the front desk of a Marriott are not in danger or having their information misused, as the chain makes it mandatory for all its hotels - even those operated as a franchise - to use its property management system.

It is the ones who ate at the hotels' restaurants and shopped at their gift shops that had their information stolen, and would do well to check their card statements carefully for any unauthorized charges.

White Lodging also runs hotel franchises under the Hilton, Sheraton and Westin brands, but whether their guests have been affected as well is yet to be discovered.


Pen-testing drone searches for unsecured devices

You're sitting in an office, and you send a print job to the main office printer. You see or hear a drone flying outside your window. Next thing you know, the printer buzzes to life and, after spitting out your print job, it continues to work and presents you with more filled pages than you expected.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Oct 9th