The luxury hotel chain joins a growing list of major companies who’ve suffered at the hands of cybercriminals in the last 18 months.
The hotel group said point-of-sale systems at a number of its hotels in both the U.S. and Europe — though not in Asia — had been infected with malware, giving hackers access to credit card details of some of its customers.
It said that at the current time it was unable to name which of its 45 hotels had been hit in the attack, or say precisely how much data was taken, though such information is likely to be made available once the investigation is complete.
“From the information we have to date, the breach has only affected credit card data and not any other personal guest data, and credit card security codes have not been compromised,” the Mandarin Oriental Group said in a release.
“The Group has identified and removed the malware and is coordinating with credit card agencies, law enforcement authorities and forensic specialists to ensure that all necessary steps are taken to fully protect our guests and our systems across our portfolio,” it said.
The company promised customers it had “moved swiftly” to deal with the situation once the scam was discovered, and made assurances that “security protocols are being thoroughly tested at all hotels to protect guest information and prevent a recurrence of such an attack.”
We can expect to hear an update from the group before too long, but in the meantime, if you’ve recently used a credit card at one of its hotels in the U.S. or Europe, it’s recommended you keep an eye out for any suspicious behavior on your card.
Last year was a rotten one for companies dealing with point-of-sale scams, with Home Depot and Target among dozens of popular retailers hit by such attacks.
Criminals sell the nabbed credit card data on illicit hacking forums, with buyers using it to buy goods online or withdraw money from bank accounts.
