Event organisers and conference delegates have been urged to check their bank accounts following a major data breach.
Hilton Worldwide has confirmed that malware found its way onto point-of-sale systems that targeted payment card information.
Targeted data included cardholder names, payment card numbers, security codes and expiry dates.
Addresses and PINs were not exposed, Hilton said, following an investigation by third-party forensics experts, law enforcement and payment card companies.
Hilton is staying tight-lipped over which hotel locations may have been affected by the breach, but is telling customers to review their payment card statements – particularly if they used their cards at a Hilton Worldwide hotel between 8 November – 5 December 2014 or 21 April – 27 July 201. The hotel chain has refused to reveal the number of people or credit card records exposed at a result of the breach.
A spokesman sought to assure guests that the malware had been purged and the security of its systems strengthened in the wake of the attack.
He said: “Hilton Worldwide has identified and taken action to eradicate unauthorized malware that targeted payment card information in some point-of-sale systems. Hilton immediately launched an investigation and has further strengthened its systems.”
Meanwhile, the Starwood hotel chain, which owns high-end hotel brands like Westin, Sheraton, W, and St. Regis, has admitted that 54 of its locations fell victim to a malware attack against its point of sale system at various points beginning in November 2014.