As much as 20 United States hotels have been hit by malware and fears are spreading that customer data, including credit card information, was stolen.
According to a Reuters report, hotels under attack include Starwood, Marriott, Hyatt and Intercontinental – all part of the HEI Hotels & Restaurants.
The company said the malware was developed specifically to target it and collect credit card data from its systems.
The malware was found two months ago, on payment systems used all over these hotels – in restaurants, bars, lobbies, and spas.
The number of people affected is hard to estimate, the company said, as many people used their credit cards more than once. However, there were some 8,000 transactions at the Hyatt Centric Santa Barbara hotel in California, as well as 12,800 at the IHG Intercontinental in Tampa, Florida, during this period.
A total of 12 Starwood hotels were affected, six Marriott Internationals, one Hyatt Hotel and one InterContinental Hotels Group, with the malware in operation from March 1 2015, to June 21, 2016. The company also said 14 hotels were infected during December last year.
Federal authorities have been alarmed, and a new payment system installed.
Here is a list of all the hotels affected:
Starwood's Westin hotels in Minneapolis; Pasadena, California; Philadelphia; Snowmass, Colorado; Washington, D.C.; and Fort Lauderdale, Florida. Also affected were Starwood properties in Arlington, Virginia; Manchester Village, Vermont; San Francisco; Miami; and Nashville, Tennessee.
Marriott properties in Boca Raton, Florida; Dallas-Fort Worth, Texas; Chicago; San Diego, California; and Minneapolis.