Credit Card Security September 2015: Point of Sale Hilton Data Breach
#16
Join Date: May 2000
Location: Houston, TX, USA
Programs: UA 1K, AA Lifetime Platinum, DL Platinum, Honors Diamond, Bonvoy Titanium, Hertz Platinum
Posts: 7,969
#17
FlyerTalk Evangelist
Join Date: Jan 2005
Location: home = LAX
Posts: 25,933
It appears sales from both the Hilton lobby sundry shops and hotel restaurants are suspected in a large data breach.
https://krebsonsecurity.com/2015/09/...el-properties/
https://krebsonsecurity.com/2015/09/...el-properties/
"As with other recent card breaches at major hotel chains — including Mandarin Oriental and White Lodging properties — the breach does not appear to be related to the guest reservation systems at the affected locations. Rather, sources say the fraud seems to stem from compromised point-of-sale devices inside of franchised restaurants, coffee bars and gift shops within Hilton properties."
But above that it says:"They were all were used at Hilton properties, including the company’s flagship Hilton locations as well as Embassy Suites, Doubletree, Hampton Inn and Suites, and the upscale Waldorf Astoria Hotels & Resorts."
What point-of-sale devices inside of franchised subset of a Hampton are they talking about? I've never seen such a thing at a Hampton. At every Hampton I've been to, if I want to buy something from the little shop, I have pay through the same front desk that handles my reservation.So I can't square this article's claim that it's POS devices in franchised subsets of the hotel with this article's claim that Hampton was among the affect properties.
#18
FlyerTalk Evangelist
Join Date: Oct 1999
Location: Juneau, Alaska.
Programs: AS 75K;BA Silver;AA G;HH Dia;HY Glob
Posts: 15,813
The article says:
So I can't square this article's claim that it's POS devices in franchised subsets of the hotel with this article's claim that Hampton was among the affect properties.
"As with other recent card breaches at major hotel chains — including Mandarin Oriental and White Lodging properties — the breach does not appear to be related to the guest reservation systems at the affected locations. Rather, sources say the fraud seems to stem from compromised point-of-sale devices inside of franchised restaurants, coffee bars and gift shops within Hilton properties."
But above that it says:"They were all were used at Hilton properties, including the company’s flagship Hilton locations as well as Embassy Suites, Doubletree, Hampton Inn and Suites, and the upscale Waldorf Astoria Hotels & Resorts."
What point-of-sale devices inside of franchised subset of a Hampton are they talking about? I've never seen such a thing at a Hampton. At every Hampton I've been to, if I want to buy something from the little shop, I have pay through the same front desk that handles my reservation.So I can't square this article's claim that it's POS devices in franchised subsets of the hotel with this article's claim that Hampton was among the affect properties.
#19
Join Date: Jun 2005
Location: DTW/FNT
Programs: Delta (nee NW), Hilton Diamond. IHG (PT)
Posts: 4,823
It appears sales from both the Hilton lobby sundry shops and hotel restaurants are suspected in a large data breach.
https://krebsonsecurity.com/2015/09/...el-properties/
https://krebsonsecurity.com/2015/09/...el-properties/
see
http://www.reuters.com/article/2015/...0RQ0NQ20150926
Bob H
#21
Join Date: Jan 2002
Location: Salt Lake City, Utah, USA
Posts: 9,996
Welcome to Hampton Inn at the Tin Lizzie Gaming Resort located downtown in historic Deadwood, SD, just minutes from Interstate 90. Our hotel provides easy access to Deadwood's many attractions, including the Days of '76 Museum and Rodeo Grounds, Mt. Moriah Cemetery, Historic Adams House and the site of Wild Bill's last poker game....
Our hotel is attached to the newly renovated Tin Lizzie Gaming Resort, offering over 275 slot machines, six live table games, a full service bar, expansive buffet, made-to-order grill, and the best parking on historic Main Street. Get your morning started with a free hot breakfast (served daily), or dine at the Tin Lizzie Restaurant and Grill - open for breakfast, lunch and dinner....
Our hotel is attached to the newly renovated Tin Lizzie Gaming Resort, offering over 275 slot machines, six live table games, a full service bar, expansive buffet, made-to-order grill, and the best parking on historic Main Street. Get your morning started with a free hot breakfast (served daily), or dine at the Tin Lizzie Restaurant and Grill - open for breakfast, lunch and dinner....
#22
Join Date: Jul 2012
Location: Canada
Programs: BA Gold (OWE), Star Alliance Gold, Hilton Diamond
Posts: 2,194
I'm not sure I buy the dates. I had a credit card fraudulently earlier on in the year and the card is never really used. I used it at Hilton at the bar for around 3 USD and it was used fraudulently a couple days later.
#23
Original Poster
Join Date: Jan 2006
Location: RIX
Programs: SAS Lifetime Gold, HHonors Lifetime Diamond, TK*G Elite+, airBaltic VIP, Sixt Plat, Hertz Gold
Posts: 1,079
November 2015. This week all my cards used at different Hilton Hotels worldwide are being replaced AGAIN. They claim that cards used at any Hilton hotel worldwide are at potential risk. I accepted 3 card replacement from 3 different banks, including a corporate card. All of them were chip-cards already.
A bit of a hassle for me but no charges. I haven't had any fraudulent transactions though.
I guess I will need to replace credit card guarantee for New Years eve and some other high season bookings on hilton.com.
A bit of a hassle for me but no charges. I haven't had any fraudulent transactions though.
I guess I will need to replace credit card guarantee for New Years eve and some other high season bookings on hilton.com.
#24
Join Date: Jan 2014
Posts: 32
I had a pending charge on my AE card from a Hampton ($472.00) I had never stayed at. I called the hotel, the said they could not find any such charge. I called AE and they canceled the card and put an investigation in on it. I never got charged, but I may have if I did not catch the pending charge.
#25
Join Date: Jun 1999
Location: NYC/LA
Programs: DL Plat, AA Plat Pro, Marriott Titanium, IHG Diamond Amb
Posts: 7,486
Looks like Hilton has FINALLY acknowledged that there was a breach:
http://hiltonworldwide.com/guestupdate
Covers the period:
November 18 to December 5, 2014 and
April 21 to July 27, 2015
http://hiltonworldwide.com/guestupdate
Covers the period:
November 18 to December 5, 2014 and
April 21 to July 27, 2015
#26
Join Date: Apr 2013
Location: New Zealand (most of the time)
Programs: Air NZ Elite *G, Honors Gold, IHG Platinum Elite
Posts: 6,115
I had no Hilton stays during that period but had a card on file in my Hhonors account during those periods.
This card was used for a test transaction (a small charge against a charity in Canada which was obviously used to test the validity of the card) in September which resulted in my bank here in New Zealand immediately cancelling my card. As this card # had not been used extensively elsewhere I really do wonder if the hack affected more than just their POS systems as they claim.
Yes the card number could have been harvested elsewhere, but I find it interesting.
This card was used for a test transaction (a small charge against a charity in Canada which was obviously used to test the validity of the card) in September which resulted in my bank here in New Zealand immediately cancelling my card. As this card # had not been used extensively elsewhere I really do wonder if the hack affected more than just their POS systems as they claim.
Yes the card number could have been harvested elsewhere, but I find it interesting.