Hilton Hotels have issued a statement confirming rumours that have swirled around for the last couple of months, stating that malware had found its way onto point-of-sale systems and stole payment card information.
That stolen information includes cardholder names, payment card numbers, security codes and expiry dates. However, addresses and PINs have not been exposed.
Right now Hilton doesn’t appear to be sharing any information about how many or which hotel locations may have been affected by the breach, or whether the attack was limited (as was the case in other attacks on hotel chains) to point of sales devices in restaurants and retail outlets, rather than necessarily at the check-in desk. Mark James, Security specialist at IT security firm ESET have the following comments on it.