White Lodging Services confirms second payment card breach

Security measures put in place after a first breach last year failed to stop hackers from striking again

A large hotel management company has confirmed a second payment card breach in less than 14 months, underscoring the difficulties businesses are having with data thieves.

White Lodging Services said the second breach was detected on Jan. 27 after unusual payment card activity was discovered on credit cards used at four Marriott-branded hotels. The compromised data includes customer names, card numbers, security codes and expiration dates, it said in a statement.

The Merrillville, Indiana-based company manages hotels under agreements with hotels owners and is a separate entity from the specific hotel brands it operates.

In February 2014, White Lodging said point-of-sale systems at restaurants and lounges on 14 of its properties were compromised between March 20, 2013 and Dec. 16, 2013. The same systems were targeted this time around, although the company said the latest breach was not related to the previous one.

Those affected are customers who used their cards at food and beverage outlets between July 2, 2014, and Feb. 6, 2015, in 10 hotels, which were eight Marriotts, one Courtyard and one Renaissance.

The property management system used to process room charges at front desks do not appear to be affected, White Lodging said.

White Lodging is just one of many business, including Target, Neiman Marcus and Home Depot, which have been struck by point-of-sale malware. The malware collects payment card data immediately after a card is swiped and the details sit unencrypted in a computer's RAM.

White Lodging's problems appear to be a combination of bad luck and very persistent hackers. After its first data breach, White Lodging said it hired a third-party security firm, which it did not identity, to help shore up its systems.

"Unfortunately, the security measures put in place did not stop the implantation of malware on point-of-sale systems at food and beverage outlets in select hotels we manage," it said.

Law enforcement has been notified, and no arrests have been made, White Lodging said. The company didn't say if it suspected the same hacker or group of hackers was behind the latest attack.

Arrests and prosecutions of suspects related to point-of-sale attacks have been rare, as many times the hackers are believed to be outside the U.S.

While law enforcement agencies in different countries are cooperating with more efficiency these days, cross-border cybercrime investigations can still be slow and complicated.

Extraditing suspects is also not possible from some countries. For example, the U.S. does not have extradition treaties with China or Russia, two nations often accused of hosting cybercriminal activity.

Send news tips and comments to jeremy_kirk@idg.com. Follow me on Twitter: @jeremy_kirk

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags securitymalwaredata breachWhite Lodging Services

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments

Cool Tech

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Breitling Superocean Heritage Chronographe 44

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?