Omni Hotels Becomes the Latest Hotel to Suffer PoS Malware

Written by

Another day, another major breach. This time, luxury hospitality chain Omni Hotels has disclosed a payment card breach, with which certain properties were infected by point-of-sale malware that stole guests’ card details.

Omni Hotels became aware of the problem May 30, when malware was discovered that was designed to collect certain payment card information, including cardholder name, credit/debit card number, security code and expiration date. It said that there’s no evidence that other customer information, such as contact information, Social Security numbers or PINs were affected by the issue.

Depending on the location, the malware may have operated between December 23, 2015 and June 14, 2016. Specific properties and the number of suspected victims have not been made public.

“We have no indication that reservation or Select Guest membership systems were affected,” the company said in its notice. “Accordingly, if you did not physically present your payment card at a point of sale system at one of the affected Omni locations, we do not believe your payment card was affected.”

The one good thing is that it appears that Omni Hotels’ internal safeguards picked up the problem.

“The bright spot in this breach appears to be that Omni Hotels detected the activity themselves,” said Tim Erlin, director of IT security and risk strategy for cybersecurity company Tripwire, via email. “Many breaches in the past have been detected, not by the compromised business, but by third parties noticing fraudulent activity. Point-of-sale systems remain attractive targets for criminals. As long as they’re vulnerable and process credit card data, the status quo will remain. Security professionals at retailers should use this incident to drive a review of the controls on their own point of sale systems.”

This is only the latest malware attack on the hospitality sector. Mandarin Oriental, Trump Hotels, Starwood, Rosen Hotels and, most recently, the Hard Rock Hotel have all been hit in the last year or so.

Photo © jlawanykum/

What’s hot on Infosecurity Magazine?