Hilton admits to credit card-stealing malware breach

Point-of-sale malware attack comes after widespread rash of retail PoS infections

The Hilton hotel chain has confirmed that its point-of-sale systems were compromised by a malware infection that put customers' credit card information at risk.

Threat actors gained access twice between 18 November and 5 December last year, and between 21 April and 27 July this year.

The malware revealed the names, security codes and card numbers of hotel guests, which may have enabled hackers to make fraudulent purchases.

Advertisement - Article continues below

Hilton says it has now eliminated the offending malware and is offering a year's worth of credit monitoring free of charge to those that think they may be affected.

However, the announcement came two months after the malware's discovery, leaving little option for consumers to attempt their own efforts at damage control.

Hilton is the second hotel chain this week to reveal a breach of their systems. The Starwood group also announced that its PoS terminals were hit by similar credit card-stealing malware.

Hot on the heels of these heinous hacks is news of yet more PoS malware. The recently-discovered ModPoS' exploit has been described by iSight Partners the security company which unearthed it as "PoS malware on steroids" which reportedly stole "multiple millions" of credit cards.

According to Mark Bower, global director of product management for enterprise data security at HPE, "the good news is that savvy merchants are already tackling this risk and giving the malware nothing to steal through solutions that also have a dramatic cost reducing benefit to PCI compliance."

Advertisement
Advertisement - Article continues below

"Encrypting the data in the card reading terminal ahead of the POS eliminates the exposure of live information in vulnerable POS systems."

"No live data means no gold to steal," he says. "Attackers don't like stealing straw."

Featured Resources

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Remote working 2020: Advantages and challenges

Discover how to overcome remote working challenges

Download now

Keep your data available with snapshot technology

Synology’s solution to your data protection problem

Download now

After the lockdown - reinventing the way your business works

Your guide to ensuring business continuity, no matter the crisis

Download now
Advertisement

Recommended

Malware attacks using machine identities doubled in 2019
cyber security

Malware attacks using machine identities doubled in 2019

4 Aug 2020
Russia hacked Liam Fox's personal email to steal trade documents
phishing

Russia hacked Liam Fox's personal email to steal trade documents

4 Aug 2020
British teenager charged over Twitter hack
hacking

British teenager charged over Twitter hack

3 Aug 2020
Mid-year report says vulnerabilities up 22% in 2020
hacking

Mid-year report says vulnerabilities up 22% in 2020

30 Jul 2020

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

3 Aug 2020
How to use Chromecast without Wi-Fi
Mobile

How to use Chromecast without Wi-Fi

4 Aug 2020
How do I fix the Windows 10 Start Menu if it's frozen?
operating systems

How do I fix the Windows 10 Start Menu if it's frozen?

3 Aug 2020