In a data breach similar to the recently disclosed data breaches at Starwood hotels, Sheraton hotels, Westin hotels and the Trump Hotel Collection, Hilton Worldwide hotels has just announced that it suffered a data breach due to hacking of its point-of sale credit and debit card processors between November 18, 2014 and December 5, 2014 as well as between April 21, 2015 and July 27, 2015.  Hilton did not indicate which of its 4,500 hotels were affected by the data breach in which the hackers managed to steal cardholder names, credit and debit card numbers, security codes and expiration dates.  The theft of this information puts Hilton customers who stayed at a Hilton hotel during those time periods in extreme danger of identity theft and abuse of their credit and debit cards.  Hilton also owns and operates the Conrad, Double Tree and Hampton Inn hotel chains so travelers who stayed at those hotels during the time of the data breaches are also at risk.

As is so often the case in these types of data breaches, HIlton is offering a year of free credit monitoring to those affected by the data breach although it is certainly late to be counting on this to provide significant assistance.  Here is a link to information as to how to apply for the free credit monitoring.

The problem continues to be one of weak cybersecurity of many companies coupled with these companies still using credit card and debit card processors for cards with magnetic strips rather than the safer smart EMV chip cards.  Regulations effective October 1, 2015  mandate credit card issuers and retailers switch over to the new smart EMV chip cards or risk increased legal liability, but unfortunately, many companies have been slow to switch to the new card processing equipment.  If smart EMV chip cards had been used at the Hilton hotels, the information stolen in such a hacking would have been worthless, but since they still used the old fashioned magnetic strip cards, Hilton and its customers face financial problems from this data breach.  Target, which learned its lesson the hard way has already switched to the new EMV chip cards as has WalMart.


Until credit card issuing companies and brick and mortar stores and businesses that take credit cards switch to the new smart EMV chip cards, this story will, as I predicted a year ago, continue to occur again and again.  As for we, as consumers, the best we can do is to refrain from using our debit cards for anything other than an ATM card because consumers whose debit card security has been breached are not protected as much as when a credit card is used for fraudulent purchases.  In addition, if you do not already have a new smart EMV chip card, you should demand one from your credit card company.  They are easy to use and they will provide you with much greater security.  If you used a credit card or debit card at any of the above-mentioned Hilton properties since November of 2014 you should carefully monitor your credit card account and bank account for any indication of a problem.