Starwood Hotels Reports Payment Systems At 54 Locations Infected With Malware

Just days after Starwood Hotels and Resorts made headlines for combining with Marriott to make the world’s largest hotelier, the company is back in the news for a decidedly less exciting issue: it’s the latest victim of a hack attack. 

Starwood –the operator of brands like Sheraton, St. Regis, W and Westin – notified customers Friday that payment systems at 54 of its North American hotels were infected with malware designed to collect payment card data from restaurants, gift shops and other retail areas of the buildings.

A third-party investigation found that, while no customer data was compromised, the malware was put in place for varying periods of time between Nov. 2014 and Oct. 2015.

Starwood says that the malware “no longer presents a threat,” and the company has implemented additional security measures to prevent future hack attacks.

“Protecting our customers’ information is critically important to Starwood and we take this issue extremely seriously,” Sergio Rivera, Starwood President, said in a statement. “We have been working closely with law enforcement authorities and have been coordinating our efforts with the payment card organizations. We want to assure our customers that we have implemented additional security measures to help prevent this type of crime from reoccurring.”

The list [PDF] of affected hotels include the Sheraton New York Times Square hotel, the Westin New York Grand Central New York and The St. Regis Bal Harbour Resort in Florida.

[via Reuters]

Want more consumer news? Visit our parent organization, Consumer Reports, for the latest on scams, recalls, and other consumer issues.