(Reuters) - Starwood Hotels & Resorts Worldwide Inc said payment systems at 54 of its hotels in North America had been infected with a malware designed to collect payment card data.
A third-party investigation showed that the malware was designed to collect certain payment card information, including cardholder name, payment card number, security code and expiration date, Starwood said on Friday.
However, no customer data, such as contact information or personal identification numbers, had been compromised and the malware “no longer presents a threat”, the company said.
Starwood Hotels, which has agreed to be bought by Marriott International Inc, said the payment systems at the 54 hotels had been affected for varying periods between November 2014 and October 2015.
Starwood is the latest hotel operator to report a malware intrusion.
Hilton Worldwide Holdings Inc and Trump Hotel Collection have said that they were investigating possible card fraud at some of their hotels.
Starwood Hotels owned or managed 1,222 properties, including hotels and vacation rentals, globally as of 2014. Of them, about 600 properties were in North America.
The affected hotels include the Sheraton New York Times Square hotel, the Westin New York Grand Central New York and The St. Regis Bal Harbour Resort in Florida. (sta.rw/1QSRA8H)
The company said the affected payment systems were at the restaurants, gift shops and other places in the hotels.
The hotel chain said it has implemented additional security measures to prevent a reoccurrence.
Starwood Hotels’ shares were up 1.3 percent at $73.16, while Marriott’s stock was little changed at $72.24 in afternoon trading.
Reporting by Ankit Ajmera in Bengaluru; Editing by Savio D'Souza and Sriraj Kalluvila