Today, the upscale hotel chain Mandarin Oriental confirmed it has suffered a credit card breach at a number of isolated locations across the United States and Europe.
The company said in a statement the intrusion involved “undetectable malware by all anti-viral systems,” but has since removed the malware from its systems.
According to independent security journalist Brian Krebs, the company was alerted of a pattern of fraudulent charges on customer cards, which had all been recently used at various Mandarin Oriental locations.
“We can confirm that only an isolated number of hotels in the US and Europe have been affected, and none in Asia,” said the company. “The forensic investigation is still underway and we are unable to confirm specific hotel details at this time.”
However, banking industry sources believe the compromise likely involves the majority of US-based hotels, including locations in Las Vegas, New York, Miami, Florida, Boston and Washington D.C.
Krebs also added sources estimate the compromise could date back to December of 2014.
“Unfortunately, incidents of this nature are increasingly becoming an industry-wide concern and therefore, we have also alerted our technology peers in the hospitality industry.” – Mandarin Oriental
Recent customers of the hotel chain are recommended to monitor their banking statements closely, and report any unauthorized activity directly to their credit card provider.
“The Group has put additional security measures in place at all hotels and is working to ensure everything possible is being done to protect our guests’ personal information,” said the company.