Millennium Hotels & Resorts warns of credit card data breach

Millennium Hotels Minneapolis

Millennium Hotels & Resorts North America said it has become aware of a data-security incident involving food-and-beverage point-of-sale systems at 14 of its hotels in the United States. The chain did not reveal which hotels but advises hotel guests to review their payment card account statements closely and to report unauthorized charges to their card issuer immediately.

The company has engaged third-party cyber forensic experts to investigate the incident. To date, the investigation has not identified the presence of malware on any MHR systems. Initial information suggests that the incident affected point of sale systems that processed customer card payments, primarily within food and beverage facilities operating at the hotels between early March 2016 and mid-June 2016.

MHR originally was notified of the incident by the U.S. Secret Service and took immediate steps to investigate and isolate the card processing elements of the affected point of sale systems, which were promptly taken offline.


Like this story? Subscribe to Technology!

Hospitality professionals turn to Technology as their go-to news source for the latest technology products and trends. Sign up today to get news and updates on security systems, in-room entertainment, and more delivered to your inbox and read on the go.

Subsequently, MHR was notified by a third-party service provider, that supplies and services the affected point of sale systems,  that it had detected and addressed malicious code in certain of its legacy point of sale systems, including those used by MHR. MHR immediately adopted additional security measures as recommended by the third-party service provider.

The affected point of sale systems are separate from other MHR systems, including MHR’s hotel property-management and booking systems. The results from MHR’s current investigation do not indicate compromise of those other systems.

Suggested Articles

Hotels with a history of crime can face legal consequences when they fail to protect guests from foreseeable harm.

The system at the InterContinental San Diego will provide cost-saving benefits by automating manual uniform-inventory tasks.

HRI installed the PVNG enterprise back-office system for integrated financial analysis and decision making at 25 hotels.