White Lodging, Marriott hotels hit by credit-card hack

Beginning in March 23, 2013 to the end of last year, guests of the Marriott hotel chain have been struck by a large-scale credit-card hacking scheme. Gary Warner, chief technology officer at Malcovery Security, told The Globe and Mail that the security breach targeted restaurants and gift shops in Marriott properties. Warner suggests the fraud was possible because customers in the U.S., unlike in Canada, still use credit cards with built-in chips or PINs that can be easily copied. The fact that the intrusion took place primarily in restaurants and gift shops, but spread throughout multiple states, suggests that the hackers invaded via fraudulent computer code acquired by an employee in a payment processing center.

According to eSecurity Planet, the fraud was disclosed by computer security journalist Brian Krebs, who traced the fraud to an invasion of systems belonging to White Lodging, a hotel chain operator that maintains franchises for Marriott but also Sheraton, Westin, Hyatt and InterContinental. Krebs reported that a pattern of fraud originated in hundreds of cards previously used at specific Marriott hotels managed by White Lodging. White Lodging announced than an investigation is in progress.

"We are working closely with the franchise management company as they investigate the matter," said Jeff Flaherty, spokesman for Marriott, told WDAM. "Because the suspected breach did not impact any systems that Marriott owns or controls, we do not have additional information to provide."

Virtual Roundtable

Post COVID-19: The New Guest Experience

Join Hotel Management’s Elaine Simon for our latest roundtable—Post COVID-19: The New Guest Experience. The experts on the panel will share how to inspire guest confidence that hotels are safe and clean and how to win back guest business.

Last year's high profile hacking of Target's credit card systems is potentially the largest breach in U.S. retail history, affecting as many as 110 million customers. After Target disclosed its breach, other retailers announced similar breaches, including Neiman Marcus and Michaels. Security experts have warned of the possibility other companies were targeted by the hackers who hit Target.

Suggested Articles

Insurance companies believe that COVID-19-related losses should not be included in business interruption coverage, but the issue is far from settled.

The MMGY Global Travel Safety Barometer measures Americans’ perceptions of safety on a scale from 0 (extremely unsafe) to 100 (extremely safe).

The cards contain patented New Antimicrobial Layer technology to inhibit the growth and transmission of germs, viruses and pathogens.