You’ve probably never heard of the White Lodging Services Corporation, but you very well may have stayed in one of their hotels. Hotel chains have franchises, just like fast food restaurants, and White Lodging operates approximately 170 various hotels all over the country, including some Sheraton, Hyatt, Hilton, Westin, and Marriott locations.
The data breach appears to have taken place over the vast majority of 2013, as security expert Brian Krebs reports. Investigators working through a pattern of credit card fraud found that what the cards all had in common was a stay at a White Lodging hotel between March 23, 2013 and the end of the year.
The affected cards seem mostly to have been used not for room reservations, but for other uses–particularly restaurants and gift shops–inside the affected hotel locations, Krebs reports:
Sources say the breach appears to have affected mainly restaurants, gift shops and other establishments within hotels managed by White Lodging — not the property management systems that run the hotel front desk computers which handle guests checking in and out. In the case of Marriott, for example, all Marriott establishments operated as a franchise must use Marriott’s property management system. As a result, the breach impacted only those Marriott guests who used their cards at White Lodging-managed gift shops and restaurants.
Marriott told Krebs that White Lodging is, “in the midst of the investigation and are in close contact with the banks and credit cards companies. We are working closely with the franchisee as they investigate the matter.”
And as we keep seeing again and again, if you’ve used a credit or debit card pretty much anywhere, you should be aware of breaches and take steps to protect yourself. A need for vigilance is the downside of convenience, these days.
Hotel Franchise Firm White Lodging Investigates Breach [Krebs On Security]