Mandarin Oriental Admits Credit Card Data Breach

Mandarin Oriental has revealed that credit card systems in some of its hotels in Europe and the US have been breached in a malware attack.

The hotel group says it has identified and removed the malware and is coordinating with credit card agencies, law enforcement authorities and forensic specialists to ensure that all necessary steps are taken to keep its systems and hotel guests protected. With incidents of this nature increasingly becoming an industry-wide concern, the hotel chain’s IT team has also alerted its technology peers in the hospitality industry.

Protecting customers

A statement from the Mandarin Oriental read: “We take the protection of customer information very seriously. Unfortunately incidents of this nature are increasingly becoming an industry-wide concern and we have therefore also alerted our technology peers in the hospitality industry.”

Mandarin Oriental added that it moved swiftly to address this issue by working with forensic experts and has removed the offending malware. While the Group claims to have leading data security systems in place, this malware was undetectable by all anti-viral systems, the company said.

“Guests can be confident that security protocols are being thoroughly tested at all hotels to protect guest information and prevent a recurrence of such an attack,” the company said. “While we have executed additional security protocols, we do not wish to disclose specific details of our security measures.”

Mandarin Oriental has not revealed exactly which of its 24 hotels have been targeted, confirming only that “an isolated number of hotels in the US and Europe have been affected, and none in Asia.” The company’s forensic investigation is still underway and specific hotels are unlikely to be named until the study is complete.

However, Forbes Travel Guide quoted as source who said all of Mandarin Oriental’s US locations, including New York, Las Vegas, Washington DC and Boston, have been affected, with the attack beginning in December 2014.

The hotel group has put additional security measures in place at all hotels and says it is working to ensure everything possible is being done to protect our guests’ personal information.

If any Mandarin Oriental customers suspect any unauthorised activity on their bank cards, it is recommended that they contact their credit card provider directly.

How much do you know about hacking and viruses? Take our quiz to find out!

Duncan Macrae

Duncan MacRae is former editor and now a contributor to TechWeekEurope. He previously edited Computer Business Review's print/digital magazines and CBR Online, as well as Arabian Computer News in the UAE.

View Comments

  • Unfortunately, they have just learned the hard way that compliance does not equal security. This is a lesson provided by their counterparts at other companies that have been previously hacked. It’s important for all organizations that collect credit card and other sensitive data to not only follow PCI and privacy guidelines, but go beyond them, as they are just a baseline or minimum of acceptable security.

Recent Posts

Google Fiber Plans US Network Expansion – Report

Google Fiber resurfaces. Network to be expanded to offer speedy internet connectivity to cities in…

7 hours ago

Samsung Unveils Two New Folding Smartphones

Foldable updates from Samsung. include new versions of its pocket sized square (Galaxy Z Flip…

8 hours ago

Facebook At Centre Of US Teenager Home Abortion Case

Court documents show Facebook provided police in the US state of Nebraska with a teenager's…

11 hours ago

President Biden Signs $53 Billion US Chips Act

President Joe Biden signs landmark bill to encourage chip makers to build more semiconductor manufacturing…

12 hours ago

WhatsApp Update To Allow Users To Leave Groups Silently

Privacy changes to WhatsApp. No more blanket notifications to a group if a user decides…

13 hours ago