Marriott Hacked

Another loss of credit card data has occurred at Marriott. So if you used a credit card at a Marriott's between March and August 2013, you may be at risk.

 

Apologies, just heard this report on my news station. Did not realize that Marriott sent letters out when it occurred, so people already knew.

 

Link?

 

Latest Sites of Breaches in Security Are Hotels
SAN FRANCISCO — In the latest in a spate of online attacks affecting American businesses, White Lodging, which manages hotel franchises for chains like Marriott, Hilton and Starwood Hotels, is investigating a potential security breach involving customers’ payment information.

White Lodging Services Corporation, which works with 168 hotels in 21 states, confirmed that it was examining the data breach.

The intrusion into its systems was first posted by Brian Krebs, a security blogger, on Friday, when he reported that the breach might have resulted in the fraudulent use of hundreds of credit and debit cards used for payment at Marriott hotels between March 2013 and the end of the year.

Mr. Krebs was also first to report the hacking of consumer data from Target, Neiman Marcus and Michaels, the arts and crafts retailer.

Mr. Krebs said that he was alerted to fraudulent transactions at scattered Marriott hotel locations by unnamed people in the banking industry. The locations where the fraudulent activity took place were all managed by White Lodging, which is based in Merrillville, Ind.

Kathleen Quilligan, a spokeswoman for White Lodging, confirmed the company was investigating. Separately, Marriott confirmed that a franchisee had experienced unusual fraud activity connected to the systems that process credit card transactions for hotels including Marriott and others. The company said it was working closely with the franchisee as it investigated.

A spokesman for the Secret Service could not immediately say whether the agency was investigating the breach of White Lodging data. The Secret Service is conducting separate inquiries into the breaches at Target, Neiman Marcus and Michaels.

A band of hackers in Eastern Europe is believed to be responsible for those data thefts, and may be behind a broader attack directed at as many as half a dozen other retailers, according to two people investigating the breaches who spoke on the condition of anonymity.

Full story...

 

I was aware of that story, but that's not a credit card breach/hack occurring at Marriott.

 

All this theft of credit card data makes me wonder why people use their cards instead of more protected money transfers like paypal or Western Union.

 

I used CC at Marriott in April and no one notified me ... maybe the email got deleted inadvertently!

Was the breach a global event, or was limited to the US?

 

The limited information I heard was that letters were sent out in mid-summer. There is also the possibility that this a second intrusion that is being reported. I'm afraid I don't know very much, but did want the MP community to be aware of a potential issue.

 

Credit cards used at Marriott were the target of the attack. Perhaps you can educate me further on what the term hacked means so I used it appropriately. In any case, the data breach is related to credit card usage at Marriotts.

 

I wasn't commenting on your use of the term hack.

So do you have a link to the story?

Are you referring to the story NYCUA1K cited, which was at a company called White Lodging, which happens to manage (among other chains) some Marriotts?

Your post says it happened "at Marriott" which would be a much bigger deal. A quick google search this morning found nothing, but I assume it was in the news today it should be possible to find a reference online.

 

Indeed.

 

Because I am pretty much protected against fraudulent charges by federal law.

 

So nice of you to be aware of the story, but not let anyone know about it. You have a problem with the story, then perhaps you could be helpful and provide better information.

 

Is it the story you referred to or is it not? That's a simple question. Yes or no will do.

As for me not posting about it: I am not getting paid to rehash news stories I see on TV on this site. Sometimes I do start threads here, but please accept that I make the decision how I spend my time.

(For fun, count the number of threads I started and compare to the number of threads you started... and then accuse me again of not sharing information)

See above.

 

It is the same story for which I provided the link, because the OP indicated the breach started in March 2013, which is also the timeframe in the story I linked to: "... March 2013 and the end of the year."

I was confused by your line of inquiry. Why would it be a bigger deal if it were "at Marriott"? If this White Lodging company manages a large enough share of the hotel CC/DC transactions (and it appears that it does), then the damage could be just as extensive, if not more so...

 

I predict before the end of the year there will be a story of a data breach at one of those.
"because that's where the money is." (Willy Sutton, answering a reporters question on why he robbed banks)

 

DUDES! This happened at WHITE LODGING owned properties. 168 buildings total. SOME were Marriott. The OP was accurate to a degree but overall, a very misleading thread title. Most people, not having previously read the story, would infer from the headline that this was a "Marriott-wide" problem which would be a VERY big deal. Instead, the truth of the matter is, the breach was limited to a relative handful of properties...still a pretty big deal.

I suggest we all holster our six shooters and try to avoid sensationalistic thread titles.

 

A rule of thumb is one should not draw any conclusions based on a headline, so please always be sure to read the story! The interest in this story is that Marriott records were accessed. While the thread title was admittedly not quite accurate (which is why one should always read the story), which of these is more likely to draw attention: "White Lodging Hacked" or "Marriott Hacked"?

 

How about "Some Marriott Hotels Hacked"? I get that we want to draw attention to our posts, but this isn't the National Enquirer.

I very much agree with your assertion that" we should read the story", but the OP wasn't providing any back-up to his claim. Thus experienced members like Kalboz were confused.

 

My local "news" covered it as "Hilton hacked" because the one affected local White Lodging property that probably no one in their audience ever stays at was apparently a Hilton Garden Inn.

So which false claim do you like best?

 

It's not just the title. Which part of this entire OP is actually not misleading:

And there was no link to anything that I should have been reading. I asked for it, didn't get it. So NYCUAK1's suggestion to not just read the headline but also the story makes no sense: no story was provided! And certainly no story was ever linked by the OP or anyone else here that backs the OP's claim that Marriott was hacked.

But I guess accuracy doesn't matter. It's just a discussion forum. With not very much traffic, so anything is good.

 

Reading the piece that I had subsequently linked to in which Marriott records were the one's access, I still prefer the OP's not-fully-accurate story. But isn't this water already under the bridge? The OP drew attention to a story, and people contributed bits and pieces until what happened became clear. Why are we trying to crucify the OP for the manner in which s/he brought the story to our attention?

 

How does one do that for the deposit that a hotel requires for incidentals and the bill? You'd paypal or Western Union the cash required + the extra money required for incidentals to the hotel? Pay cash up front and be refunded on checkout if you didn't use all of your $50/100/whatever a day charge for incidentals?

 

I like the fact that the traffic isn't as high as TOBB. The folks here seem a little more...mmmm..friendly and with the exception of this post...accurate?