White Lodging Releases Info about Data Breach Investigation

Officials of White Lodging Services Corporation, an independent hotel management company, announce the suspected breach of point of sales systems at food and beverage outlets, such as restaurants and lounges, from the period July 3, 2014 through February 6, 2015 at 10 properties. Systems other than the point of sales systems at the food and beverage outlets are not believed to be affected.

The food and beverage outlets affected are located at:
  • Indianapolis Marriott Downtown, Indianapolis, IN
  • Chicago Marriott Midway Airport, Chicago, IL
  • Auburn Hills Marriott Pontiac at Centerpoint, Pontiac, MI
  • Austin Marriott South Airport, Austin, TX
  • Boulder Marriott, Boulder, CO
  • Denver Marriott South at Park Meadows, Denver, CO
  • Louisville Marriott Downtown, Louisville, KY
  • Renaissance Boulder Flatiron, Broomfield, CO
  • Courtyard Austin Downtown, Austin, TX
  • Sheraton Hotel Erie Bayfront, Erie, PA
White Lodging manages hotels under agreements with the hotel owners and is a distinct and separate entity from specific hotel brands.

Guests at the hotels who did not use their credit card at these outlets, and guests who charged to their room account at these outlets, are not believed to be affected. 

"After suffering a malware incident in 2014, we took various actions to prevent a recurrence, including engaging a third party security firm to provide security technology and managed services," said Dave Sibley, White Lodging president and CEO, Hospitality Management. "These security measures were unable to stop the current malware occurrence on point of sale systems at food and beverage outlets in 10 hotels that we manage.  We continue to remain committed to investing in the measures necessary to protect the personal information entrusted to us by our valuable guests.  We deeply regret and apologize for this situation."

Upon learning of the suspected data security breach, company officials immediately contacted appropriate federal law enforcement officials and initiated a third-party forensic review. The company continues to work with investigators and the credit card companies. 

The unlawfully accessed data at risk is believed to be limited to names printed on customers' credit or debit cards, credit or debit card numbers, the security code and card expiration dates.  Guests who used or visited the affected food and beverage outlets during the seven month-period and who used a credit or debit card to pay their bills at the outlets might have had such information compromised and are encouraged to review their statements from that time period. 

The company is offering one year of complimentary fraud resolution and identity protection services, to all affected cardholders. Enrollment information and additional information are on our website (http://www.whitelodging.com/about/payment-card-issues).
This ad will auto-close in 10 seconds