Hotel Chain Confirms Hack Attack
The hotel chain Mandarin Oriental has confirmed that credit card data has been stolen in a hack attack.
The data was stolen from card processing systems in the company's hotels in US and Europe.
The hotel has not said how many of its hotels have been affected or how much data has gone missing.
Mandarin Oriental has said it is currently carrying out an investigation and would provide more details when it had them.
In a statement the Mandarin Oriental Group said point-of-sale systems at some of the 45 hotels it runs had been infected with malicious data-grabbing software.
It said: "While the group has leading data security systems in place, this malware is undetectable by all anti-viral systems". It also added that the malware had been removed as soon as it had been detected.
Mandarin Oriental is working with security companies to find out how malicious code got onto its systems in the first place and said they had alerted other hotels about the malware.
The statement said as far as it could tell only credit card numbers had been stolen. Other security codes used in conjunction with payment cards had not been taken nor had any personal details.
It advised people who had stayed in its hotels in US and Europe to keep an eye on credit and debit card statements to spot irregularities.
Security expert Brian Krebs said the breach seemed to date to just before Christmas 2014 and added that the breach was spotted by tracing a pattern of fraudulent payments back to systems used at Mandarin hotels.
He said: "It should be interesting to see how much the stolen cards are worth, when and if and they go up for sale in the underground card markets.
"I'm betting these cards would fetch a pretty penny. This hotel chain is frequented by high rollers who likely have high- or no-limit credit cards."
Return to internet news headlines
View Internet News Archive