The latest credit card breach revealed has affected more than 10,000 guests of The Houstonian Hotel, Club & Spa. Guests were alerted earlier this week, although officials claim the security breach had been ongoing for almost six months.
Information technology director Jason Love reported the breach was halted on June 20, 2014 after the U.S. Secret Service notified hotel management about the potential compromise of its payment processing systems. The breach was detected to have started on December 28, 2013, nearly one month after Target’s infamous compromise.
A news release issued earlier this week said, “We undertook immediate action to fully secure our customers’ data. As of June 20, we had fully replaced and overhauled the breached systems, further restricted access to all our servers and hired a data forensics firm to help us enhance our digital security.”
The number of transactions or customers affected is yet unclear.
“It’s difficult to know how many customers were impacted because people use multiple payment forms – credit cards, cash, checks and member charges,” said Love.
The Houstonian filed a criminal report with the local police department nearly one month after being notified of the breach. In response, Love said the delay came from the waiting process for the forensic investigators to compile their report.
“We didn’t have absolute certainty that we had stopped everything,” Love said. “We wanted to make sure we had all information before we engaged our members.”
The Houstonian’s six-month breach is yet another example of the breaches that go undiscovered long after hackers have attained their goods. According to the 2014 Data Breach Investigations Report, about 87 percent of breaches are successful within second to minutes and 85 percent of breaches targeting POS systems take weeks to discover.
Read More Here…