Westin Hotel's POS Hacked


Travelers who checked in to the Westin Bonaventure Hotel & Suites in Los Angeles between April and December last year are being advised to review their credit card statements and credit reports this week after hotel officials warned of yet another security breach.

The hotel's point-of-sale system (POS) for processing debit and credit card transactions "may have been illegally accessed by an outside hacker," hotel officials said in a statement, adding that they are working with law enforcement agencies and major credit card companies to investigate the likely breach.

So far, Westin Bonaventure officials have isolated the source of the security breach to four bars and eateries on the property, as well as the valet parking station. The venues in question include the Lake View Bistro, the Lobby Court Bar, the Bonavista Lounge, and LA Prime.

The data possibly compromised by hackers includes customers' names, credit and debit card numbers, as well as card expiration dates.

"If you paid through the use of a credit or debit card at any of these outlets during [between April and December 2009], your card information may have been accessed," managing director Michael Czarcinski said in a letter to customers posted on the hotel's Web site.

Westin officials said the hackers were not able to access any information from the hotel's computer system and the breach did not affect any charges made to guests' rooms.

Nonetheless, the company is providing free credit-monitoring services for anyone who used their credit or debit cards at those establishments during the nine-month period.

"We value our customers' privacy and deeply regret that this incident may have occurred," Czarcinski added.

The Westin Bonaventure Hotel & Suites is independently owned by Today's IV, and operated by Interstate Hotels & Resorts.

Earlier this week, fellow hotelier Wyndham Hotels and Resorts fessed up to its second security breach in as many years, warning customers that hackers broke into its computer systems and accessed a "small percentage" of customer payment card data.

Hacking attacks on retail POS systems have become an almost daily occurrence.

Security software vendor Symantec (NASDAQ: SYMC) in February reported that 75 percent of businesses have endured some type of cyber attack in the past year.

Larry Barrett is a senior editor at InternetNews.com, the news service of Internet.com, the network for technology professionals.