The Mandarin Oriental Hotel Group has confirmed that its hotels suffered a credit card breach. The hotel reported that its point-of-sale systems had been infected with malware that was capable of stealing credit card data.
In an email the hotel group stated, “Mandarin Oriental can confirm that the credit card systems in an isolated number of our hotels in the US and Europe have been accessed without authorization and in violation of both civil and criminal law. The Group has identified and removed the malware and is coordinating with credit card agencies, law enforcement authorities and forensic specialists to ensure that all necessary steps are taken to fully protect our guests and our systems across our portfolio.Unfortunately incidents of this nature are increasingly becoming an industry-wide concern. The Group takes the protection of customer information very seriously and is coordinating with credit card agencies and the necessary forensic specialists to ensure our guests are protected.”
Although the hotel has not said which locations were effected and when, banking sources report that “most if not all Mandarin hotels in the United States, including locations in Boston, Florida, Las Vegas, Miami, New York, and Washington, D.C.” Additionally, sources state that the breach goes back to at least December 2014.