HEI Hotels & Resorts provided a list of hotels - 20 hotels in 10 states and the District of Columbia - that suffered a "security incident," in which payment card data of customers may have been affected."HEI was recently alerted to a potential security incident by its card processor," HEI said in a statement released Friday. "Based upon an extensive forensic investigation, it appears that unauthorized individuals installed malicious software on our payment processing systems at certain properties designed to capture payment card information as it was routed through these systems."
The malware could have affected payment card information, which could include the customer's name, payment card account number, card expiration date and verification code, for those customers who used the payment cards at "point-of-sale terminals" at the following properties during the identified times.
The hotels affected include Marriott, Hyatt, and Westins.
HEI said it recommends customers who used payment cards at the hotels during the specific dates review their card statements as soon as possible for any unusual activity. The customers should notify the issuer of the card immediately if any suspicious activity is detected.
"We urge customers to remain vigilant and continue to monitor statements for unusual activity going forward," HEI's statement said.