Mandarin Oriental has revealed that credit card systems in some of its hotels in Europe and the US have been breached in a malware attack.
The hotel group says it has identified and removed the malware and is coordinating with credit card agencies, law enforcement authorities and forensic specialists to ensure that all necessary steps are taken to keep its systems and hotel guests protected. With incidents of this nature increasingly becoming an industry-wide concern, the hotel chain’s IT team has also alerted its technology peers in the hospitality industry.
A statement from the Mandarin Oriental read: “We take the protection of customer information very seriously. Unfortunately incidents of this nature are increasingly becoming an industry-wide concern and we have therefore also alerted our technology peers in the hospitality industry.”
“Guests can be confident that security protocols are being thoroughly tested at all hotels to protect guest information and prevent a recurrence of such an attack,” the company said. “While we have executed additional security protocols, we do not wish to disclose specific details of our security measures.”
Mandarin Oriental has not revealed exactly which of its 24 hotels have been targeted, confirming only that “an isolated number of hotels in the US and Europe have been affected, and none in Asia.” The company’s forensic investigation is still underway and specific hotels are unlikely to be named until the study is complete.
However, Forbes Travel Guide quoted as source who said all of Mandarin Oriental’s US locations, including New York, Las Vegas, Washington DC and Boston, have been affected, with the attack beginning in December 2014.
The hotel group has put additional security measures in place at all hotels and says it is working to ensure everything possible is being done to protect our guests’ personal information.
If any Mandarin Oriental customers suspect any unauthorised activity on their bank cards, it is recommended that they contact their credit card provider directly.
How much do you know about hacking and viruses? Take our quiz to find out!
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…
US prosecutors confirm earlier reports, demand Google sells off Chrome web browser and end default…
View Comments
Unfortunately, they have just learned the hard way that compliance does not equal security. This is a lesson provided by their counterparts at other companies that have been previously hacked. It’s important for all organizations that collect credit card and other sensitive data to not only follow PCI and privacy guidelines, but go beyond them, as they are just a baseline or minimum of acceptable security.