White Lodging releases additional information about data breach investigation (updated)

Forgot to post this one the other day….

MERRILLVILLE, Ind., Feb. 3, 2014 /PRNewswire/ — Officials of White Lodging Services Corporation, an independent hotel management company, announce the suspected breach of point of sales systems from the period March 20 – December 16, 2013 at food and beverage outlets, such as restaurants and lounges, at 14 properties.

In addition, there was one property where the point of sale system and property management system used at the front desk were also suspected as affected.

White Lodging manages hotels under agreements with the hotel owners and is a distinct and separate entity from specific hotel brands. The food and beverage outlets affected by the suspected breach were located at the following hotels:

  • Marriott Midway, Chicago, IL
  • Holiday Inn Midway, Chicago, IL
  • Holiday Inn Austin Northwest, Austin, TX
  • Sheraton Erie Bayfront, Erie, PA
  • Westin Austin at the Domain, Austin, TX
  • Marriott Boulder, Boulder, CO
  • Marriott Denver South, Denver, CO
  • Marriott Austin South, Austin, TX
  • Marriott Indianapolis Downtown, Indianapolis, IN
  • Marriott Richmond Downtown, Richmond, VA
  • Marriott Louisville Downtown, Louisville KY
  • Renaissance Plantation, Plantation, FL
  • Renaissance Broomfield Flatiron, Broomfield, CO
  • Radisson Star Plaza, Merrillville, IN

Guests at the hotels who did not use their credit card at these outlets, and guests who purchased to their room account at these outlets, were not affected.

At the Radisson Star Plaza in Merrillville, IN, we suspect that the points of sale system at food and beverage outlets were affected as well as the property management system that manages hotel guests’ credit card information.

Upon learning of the suspected data security breach, we immediately contacted appropriate federal law enforcement officials and initiated a third-party forensic review, including a review of all other properties managed by White Lodging.  We continue to work with investigators and the credit card companies.

The unlawfully accessed data may have included names printed on customers’ credit or debit cards, credit or debit card numbers, the security code and card expiration dates.  Guests who used or visited the affected businesses during the nine month-period and who used a credit or debit card to pay their bills at the outlets might have had such information compromised and are encouraged to review their statements from that time period.

We will be releasing additional information about this incident in the near future and will post it on our website (www.whitelodging.com).  In addition, we are currently arranging to offer one year of complimentary personal identity protection services to all affected cardholders.

While the financial institutions that have issued the credit or debit cards that are suspected of being affected by this incident are already aware of this situation and are increasing their fraud monitoring or have reissued the card, customers who suspect unauthorized activity should report it to the issuer of the credit or debit card. The policies of the payment card brands such as Visa, MasterCard, American Express and Discover provide that you have zero liability for any unauthorized charges if you report them in a timely manner.

Guests should also consider placing a fraud alert on their credit files. An initial fraud alert, which lasts for 90 days, requires potential creditors to use reasonable policies and procedures to verify a customer’s identity before issuing credit to the customer. To place an alert, calls can be made to any one of the following three credit reporting agencies:  Experian (888) 397-3742;  Equifax  (800) 525-6285; or TransUnion (800) 680-7289.  A fraud alert request call to any of the three agencies will result in all three agencies implementing the alert.  Customers then will receive letters from all three agencies, confirming that the alert is in place and letting customers know how to obtain a free copy of your credit report.  Interested parties also can order a free copy of the customer’s credit report by calling (877) 322-8228 or by visiting  http://www.annualcreditreport.com.

We deeply regret and apologize for any inconvenience caused by this incident and remain committed to protecting all information entrusted to us by our guests.

White Lodging Services Corporation – was established in 1985 and is headquartered in Merrillville, Ind. White Lodging is a fully integrated hotel ownership, development and operations company – a recognized leader that has defined and cultivated the ability to achieve consistent, sustainable growth among mid-to large-scale hotels across the country. Its current portfolio consists of more than 169 hotels in 21 states and encompasses representation of the following leading brands: Preferred Hotel Group, Marriott International, Inc., Hilton Worldwide, Hyatt Global, Starwood Hotels and Resorts, InterContinental Hotel Group and Carlson Rezidor Hotel Group.

For more information about White Lodging, please visit www.whitelodging.com.

Contact:
Kathleen Quilligan
Phone: 219.472.2861
Fax: 219.472.2273

SOURCE White Lodging Services Corporation

 

Update: Their notification (and Part 2) to the Maryland Attorney General’s Office

Update of 6-17-2014: AmEx’s notification to its customers.

About the author: Dissent

Has one comment to “White Lodging releases additional information about data breach investigation (updated)”

You can leave a reply or Trackback this post.
  1. WhoComplies - February 10, 2014

    More info on credit monitoring offered:

    We have prepared this information to answer questions you may have about this incident and describe resources that we believe will be informative and helpful to you.

    As mentioned, we are also offering one year of complimentary personal identity theft protection services, provided by AllClearID, to those affected by this incident.

    For more information about how to enroll for this service please call 1-855-865-4453 or visit https://whitelodging.allclearid.com. If you are a non-U.S. resident the available services will vary.

Comments are closed.