HEI Hotels & Resorts, which operates just under 60 hotels and resorts under a variety of brands including Marriott, Starwood, Sheraton and Westin, has been hit by hackers for months, collecting names and card account numbers.
According to the hotel operator HEI Hotels & Resorts, malware put into place in at least 20 locations may have collected names, card account numbers, card expiration dates and verification codes.
Data from customers may have been collected from early December, through late June. A list of hotels provided by HEI shows some properties were impacted by the malware as early as March of last year.
HEI said in a company release that “We are treating this matter as a top priority, and took steps to address and contain this incident promptly after it was discovered.”
"We are pleased to report that the incident has now been contained and individuals can safely use payment cards at our properties," reads a statement from HEI.
The company said it’s continuing to cooperate with the law enforcement investigation and coordinating with banks and payment card companies.
Anyone who used a card at HEI hotels in the given time frame should review their account statements and look for discrepancies or unusual activity, both over the past several months and going forward, the company said. Customers who notice anything out of place should contact their credit or debit card issuer.