Data breach hits Hilton Worldwide hotel chain

Point of Sale terminals may have compromised customers’ card details. Computer Weekly has today reported that Hilton International has identified malware on its Point of Sale (PoS) terminals that may have compromised customers’ card details. This isn’t unique to Hilton Hotels, similar data compromises have recently been identified at the Mandarin Oriental Group, the Las Vegas Hard Rock Hotel & Casino, the LAs Vegas Sands Casino and Trump Hotels. As a precautionary measure, the Hilton hotel group advised customers to review and monitor their payment card statements if they used a payment card at a Hilton Worldwide hotel between 18th November and 5th December 2014, and between 21st April and 27th July 2015. We at Compliance3 don’t often speak about Point of Sale (or ’Customer Present’) fraud, according to the UK Cards Association “Card Fraud losses in in 2012 were down 75 per cent since the peak losses of £218.8 million in 2004, prior to the roll out of Chip & PIN in the UK.” But payment streams are inextricably linked – the criminals won’t be going away any time soon – and as ‘Chip & Pin’ gets rolled out across the United States it is expected that ‘Customer Present’ fraud will follow the UK experience and fall significantly. However as ‘Customer Present’ fraud falls, it is anticipated that ‘Customer Not Present’ fraud will increase – to an estimated $6.4bn in 2018 across the United States. And contact centres – payments by telephone – continue to be seen as a target for criminals. According to Detective Chief Inspector Derek Robertson of Strathclyde Police ”We know of organised crime groups...