Hilton Worldwide is engaged in an investigation of a possible data breach. According to a statement, investigators believe it occurred via the Point of Sale (POS) terminals at in its hotel restaurants, coffee shops, and gift stores. The hotels affected include Doubletree, Embassy Suites, Hampton Inn & Suites, and Waldorf Astoria across the U.S. A specific list of locations has not yet been provided. It is believed that anyone who may have used the restaurants or gift shops between April 21 and July 27 of this year may be affected. It is not clear if the incident has concluded and some sources indicate it may go back to November of 2014.
Those who have stayed at any of these locations are advised to diligently monitor payment card details for potential fraudulent charges. Report those to the card issuing institution immediately. The sooner you let them know, the more efficiently the charges can be remedied. In addition, if there is an option to use a debit card as a credit card, choose that option. This provides more protection than using it as a debit card. Using it this way requires you to enter a PIN number, which may end up in the hands of the crooks along with the payment card number. They can then copy it and use it at an ATM to wipe out your bank account.
Payment card losses due to fraud are estimated to be somewhere near $30 billion each year and the number is increasing. Over half of the worldwide fraudulent payment card charges happen in the United States. This is likely due to the fact that cards are so widely accepted all over the country, even for very small charges.
Hilton is continuing to look into the matter and in a statement said it is committed to protecting customer information. The breach was reported by Brian Krebs, an investigative journalist whose sources say the POS terminals are the culprits. Financial institutions reported a pattern of card fraud suggesting the compromise. This situation is ongoing as it is expected more details are forthcoming.