Travelers beware: it looks like hackers managed once again to steal credit or debit card data from the hotel franchise firm White Lodging Services Corporation, specifically a handful of Marriott properties which White Lodging owns.
Security blogger Brian Krebs said that multiple financial institutions have noticed a pattern of fraudulent charges on cards which appear to share one trait in common: all had been used at a White Lodging-owned Marriott. (White Lodging, meanwhile, says it is investigating, but has found no sign of a new breach.)
If confirmed, this security breach would be the second one to be discovered at White Lodging properties in a little over a year. In January 2014, information came to light suggesting that hackers had managed to lift customer information from various White Lodging properties throughout most of 2013 – not just White Lodging-owned Marriotts, but certain hotels under the names Hilton, Sheraton and Westin, as well.
Now, 13 months later, Krebs' sources in financial institutions are once again seeing evidence of security breaches at many of the same White Lodging-owned hotel properties hit before:
Banking sources say the cards that were compromised in this most recent incident look like they were stolen from many of the same White Lodging locations implicated in the 2014 breach, including hotels in Austin, Texas, Bedford Park, Ill., Denver, Indianapolis, and Louisville, Kentucky. Those same sources said the compromises appear once again to be tied to hacked cash registers at food and beverage establishments within the White Lodging run hotels. The legitimate hotel transactions that predated fraudulent card charges elsewhere range from mid-September 2014 to January 2015.
Contacted about the findings, Marriott spokesman Jeff Flaherty said all of the properties cited by the banks as source of card fraud are run by White Lodging.
So if you've stayed at a White Lodging-run Marriott hotel in the past few months – or if you merely had a drink in the hotel bar or dined in the hotel restaurant – keep an extra-sharp eye out for indications that the card you used for payment has been compromised.