Credit Card Security September 2015: Point of Sale Hilton Data Breach
#1
Original Poster
Join Date: Jan 2006
Location: RIX
Programs: SAS Lifetime Gold, HHonors Lifetime Diamond, TK*G Elite+, airBaltic VIP, Sixt Plat, Hertz Gold
Posts: 1,079
Credit Card Security September 2015: Point of Sale Hilton Data Breach
Multiple banks have asked to cancel existing credit card and get a new one free of charge due to the fact that I've recently paid with a card to Hilton family hotel. No agent knew details. Year 2014 we had this. It is either unlikely slow follow-up from VISA and Mastercard in EU or something new.
Anyone else? Any details or happenings recently?
Anyone else? Any details or happenings recently?
#2
FlyerTalk Evangelist
Join Date: Jun 2004
Location: MSP
Programs: DL PM, MM, NR; HH Diamond, Bonvoy LT Gold, Hyatt Explorist, IHG Diamond, others
Posts: 12,159
I've used my Hilton Amex at Hiltons with no such effect.
Nor has that number been stolen (at least, not and run into attempted bogus usage).
Nor has that number been stolen (at least, not and run into attempted bogus usage).
#4
FlyerTalk Evangelist
Join Date: Jan 2005
Location: home = LAX
Posts: 25,927
It wasn't the credit cards there were hacked; it was the Hilton HHonors accounts. Hacking a Hilton HHonors accounts let someone use the credit card on file to pay for their own stay, but it didn't gain them access to the credit card on file beyond that.
So there's no need for banks to replace the card, since the card itself was not hacked or stolen, just in some cases used without permission. If yours wasn't used without permission, and your account wasn't hacked, you aren't due anything (except a CAPTCHA maybe*) from either the card issuer or Hilton HHonors.
* The CAPTCHA, followed by the elimination of the 4-digit PIN as a way to log in, was Hilton's response to those hacks.
So there's no need for banks to replace the card, since the card itself was not hacked or stolen, just in some cases used without permission. If yours wasn't used without permission, and your account wasn't hacked, you aren't due anything (except a CAPTCHA maybe*) from either the card issuer or Hilton HHonors.
* The CAPTCHA, followed by the elimination of the 4-digit PIN as a way to log in, was Hilton's response to those hacks.
#5
Join Date: Jun 2005
Location: DTW/FNT
Programs: Delta (nee NW), Hilton Diamond. IHG (PT)
Posts: 4,823
Multiple banks have asked to cancel existing credit card and get a new one free of charge due to the fact that I've recently paid with a card to Hilton family hotel. No agent knew details. Year 2014 we had this. It is either unlikely slow follow-up from VISA and Mastercard in EU or something new.
Anyone else? Any details or happenings recently?
Anyone else? Any details or happenings recently?
Bob H
#6
Original Poster
Join Date: Jan 2006
Location: RIX
Programs: SAS Lifetime Gold, HHonors Lifetime Diamond, TK*G Elite+, airBaltic VIP, Sixt Plat, Hertz Gold
Posts: 1,079
Cards had chips. It seems only VISA and MasterCard are worried here. No questions from Amex.
When Adobe CC info was stolen, Amex was the first to replace my card.
When Adobe CC info was stolen, Amex was the first to replace my card.
#7
Join Date: Sep 2000
Location: OH
Programs: AA Lifetime Plat, Marriot Lifetime Gold
Posts: 9,522
It is NOT Visa and MasterCard responsible for replacing your cards - that is a decision taken solely by the card issuer (a credit union or bank). Unlike AMEX, Visa and MasterCard are not the creditors nor issuers of your credit.
#8
Join Date: Feb 2013
Programs: Hilton Diamond
Posts: 4,194
This has nothing to do with Hilton, but I got an e-mail a few days ago that I was getting a new Mastercard card from one of my two card providers and they cited the new chip technology on the card. They gave me a new card out of the blue with a new number about 18 months ago citing security as well so not sure. My current cards don't have chips so I am not thrilled about getting one with the whole RFID stealing issue. I have a VISA from a money center bank which has not had any such changes.
#9
FlyerTalk Evangelist
Join Date: Jan 2005
Location: home = LAX
Posts: 25,927
In any case, if you are concerned about RFID, there are RFID-blocking wallets out there.
But as you said, this is the wrong thread. The thread for contactless is:
The thread for EMV chip cards is:
(Both are in the Credit Cards forum.)
Last edited by sdsearch; Sep 23, 2015 at 1:59 pm
#10
Join Date: Feb 2013
Programs: Hilton Diamond
Posts: 4,194
Huh? These cards don't necessarily come with RFID. You're confusing EMV (the visible chip) with Contactless. They may or may not come on the same card, depending on the bank (and/or the specific card). I certainly have many EMV chip cards without Contactless (NFC). And without Contactless, how can you have an RFID issue? EMV chips depend on hard physical contact, that's why they're visible on the front of the card, because it has to make physical contact with the reader.
In any case, if you are concerned about RFID, there are RFID-blocking wallets out there.
But as you said, this is the wrong thread. The thread for contactless is:
The thread for EMV chip cards is:
(Both are in the Credit Cards forum.)
In any case, if you are concerned about RFID, there are RFID-blocking wallets out there.
But as you said, this is the wrong thread. The thread for contactless is:
The thread for EMV chip cards is:
(Both are in the Credit Cards forum.)
#11
Join Date: Oct 2009
Location: PHL/EWR
Programs: AA, US, WN, HHonors Diamond, Hyatt Plat
Posts: 1,528
Multiple banks have asked to cancel existing credit card and get a new one free of charge due to the fact that I've recently paid with a card to Hilton family hotel. No agent knew details. Year 2014 we had this. It is either unlikely slow follow-up from VISA and Mastercard in EU or something new.
Anyone else? Any details or happenings recently?
Anyone else? Any details or happenings recently?
#12
Point of Sale Hilton Data Breach
It appears sales from both the Hilton lobby sundry shops and hotel restaurants are suspected in a large data breach.
https://krebsonsecurity.com/2015/09/...el-properties/
https://krebsonsecurity.com/2015/09/...el-properties/
#14
FlyerTalk Evangelist
Join Date: Jan 2000
Posts: 15,323
Posting for everyone's interest here, one time on the HH forum. In the last 24 hours Two of my banks have gotten in touch with me to inform me that my cards are blocked and they are sending me new ones due to the data breach and that this goes back as far as January, and effects many Hiltons outside of the United States as well, and not just sundries as at one hotel there were none, furthermore I should mention that one is a chip card. I think that by Monday or Tuesday this is going to be a major story/issue.
#15
Join Date: Jun 2005
Location: DTW/FNT
Programs: Delta (nee NW), Hilton Diamond. IHG (PT)
Posts: 4,823
Posting for everyone's interest here, one time on the HH forum. In the last 24 hours Two of my banks have gotten in touch with me to inform me that my cards are blocked and they are sending me new ones due to the data breach and that this goes back as far as January, and effects many Hiltons outside of the United States as well, and not just sundries as at one hotel there were none, furthermore I should mention that one is a chip card. I think that by Monday or Tuesday this is going to be a major story/issue.
Bob H