Noble House Hotels & Resorts Alerts Guests to Security Breach
Noble House Hotels & Resorts warned guests that their credit information might be compromised because of malware found on its payment system. Noble House began an investigation after it was notified by the Secret Service about possible fraudulent activity on the payment card system at one of its properties. It engaged a computer security firm to examine the payment systems at all of the properties it manages for any signs of an issue. Through its investigation, it learned that malware might have been installed on payment processing systems that potentially affected cards swiped at 11 properties.
The information potentially compromised involved data found in the magnetic stripe on payment cards, including payment card number, payment card expiration date, CVV number, and might have included the payment cardholder’s name. The company said it has no evidence that any cards used at these hotels, restaurants or bars outside of the periods identified: April 25 to August 3.
The information potentially compromised by the attack involved Track 1 and Track 2 data found in the magnetic stripe on payment cards. Track 1 data includes name, payment card number, payment card expiration date, and CVV number. Track 2 data does not generally include the payment cardholder name. Because Noble House does not retain this information, it said it is unable to determine whether Track 1 or Track 2 data was exposed for individual guests.
The hotel recommends that guests who used a payment card at one of its affected hotels, restaurants or bars during the time period listed should review their account for unauthorized activities and immediately report any unauthorized charges to their financial institution. If a financial institution declines to reimburse the fraudulent charges, Noble House said it will reimburse guests for any reasonable, documented costs.
The information potentially compromised involved data found in the magnetic stripe on payment cards, including payment card number, payment card expiration date, CVV number, and might have included the payment cardholder’s name. The company said it has no evidence that any cards used at these hotels, restaurants or bars outside of the periods identified: April 25 to August 3.
The information potentially compromised by the attack involved Track 1 and Track 2 data found in the magnetic stripe on payment cards. Track 1 data includes name, payment card number, payment card expiration date, and CVV number. Track 2 data does not generally include the payment cardholder name. Because Noble House does not retain this information, it said it is unable to determine whether Track 1 or Track 2 data was exposed for individual guests.
The hotel recommends that guests who used a payment card at one of its affected hotels, restaurants or bars during the time period listed should review their account for unauthorized activities and immediately report any unauthorized charges to their financial institution. If a financial institution declines to reimburse the fraudulent charges, Noble House said it will reimburse guests for any reasonable, documented costs.