DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Omni Hotels & Resorts notifies guests of payment card breach

Posted on July 8, 2016 by Dissent

Update: It appears that more than 50,000 have been affected.

Original post:

From the notice posted on Omni Hotels & Resorts web site today:

Notice of Data Breach

Message to Our Valued Customers:

Omni values the relationship we have with our guests and wants you to be aware of an incident that may involve your payment card.  We recently became aware of a malware intrusion that affected some point of sale systems at certain Omni hotels.  Promptly after discovering the issue, we immediately engaged leading IT investigation and security firms to determine the facts, and we have now contained the intrusion. Protecting the security of our customers’ personal information is a top priority for Omni.  We value and respect the privacy of your information, and we sincerely apologize for any concern or inconvenience this may cause you.

1. What Happened and What Information Was Involved:

On May 30, 2016, we discovered we were the victim of malware attacks on our network affecting specific point of sale systems on-site at some Omni properties. The malware was designed to collect certain payment card information, including cardholder name, credit/debit card number, security code and expiration date.

We have no indication that reservation or Select Guest membership systems were affected.  Accordingly, if you did not physically present your payment card at a point of sale system at one of the affected Omni locations, we do not believe your payment card was affected.  Additionally, there is no evidence that other customer information, such as contact information, Social Security numbers or PINs, were affected by this issue.  The attacks did not affect all of our hotels, and depending on the location, the malware may have operated between December 23, 2015 and June 14, 2016, although most of the systems were affected during a shorter timeframe.

2. What We Are Doing and What You Can Do:

Upon learning of the intrusion, we promptly engaged leading IT investigation and security firms approved by the major credit card companies to determine the facts and contain the intrusion.  The issue has been resolved, and we have taken steps to further strengthen our systems.  We have contacted law enforcement and are cooperating with its investigation.

Even if you used your payment card at one of the properties involved, it does not mean you will be affected by this issue.  Out of an abundance of caution, you may want to review and monitor your payment card statements if you used a payment card at an Omni hotel during the above referenced dates.  If you believe your payment card may have been affected, please contact your bank or card issuer immediately. We also are offering one year of free identity theft protection and repair to all affected guests to provide an added safeguard. Additional information about those services and other steps you can take to protect yourself is available in the Reference Guide copied below.

3. For More Information:

We sincerely apologize for any inconvenience or concern this incident may cause you.  Our guests are our highest priority, and the privacy and protection of our guests’ information is a matter we take very seriously. If you have any further questions, please call 1-855-303-9809, Monday through Saturday, 8:00 am to 8:00 pm CST or go to omnihotels.allclearid.com.

Sincerely,

Omni Hotels Management

Related posts:

  • Omni Hotels & Resorts attack claimed by Daixin Team; 3.5 million guests’ data stolen (2)
Category: Business SectorMalwareU.S.

Post navigation

← Hackers Allegedly Steal 1.4M Passwords From Mac Forums, Web Hosting Talk
Twitter login credentials up for sale on dark net →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • Mississippi Law Firm Sues Cyber Insurer Over Coverage for Scam
  • Ukrainian Hackers Wipe 47TB of Data from Top Russian Military Drone Supplier
  • Computer Whiz Gets Suspended Sentence over 2019 Revenue Agency Data Breach
  • Ministry of Defence data breach timeline
  • Hackers Can Remotely Trigger the Brakes on American Trains and the Problem Has Been Ignored for Years
  • Ransomware in Italy, strike at the Diskstation gang: hacker group leader arrested in Milan
  • A year after cyber attack, Columbus could invest $23M in cybersecurity upgrades
  • Gravity Forms Breach Hits 1M WordPress Sites
  • Stormous claims to have protected health info on 600,000 patients of North Country Healthcare. The patient data appears fake. (2)
  • Back from the Brink: District Court Clears Air Regarding Individualized Damages Assessment in Data Breach Cases

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • The EU’s Plan To Ban Private Messaging Could Have a Global Impact (Plus: What To Do About It)
  • A Balancing Act: Privacy Issues And Responding to A Federal Subpoena Investigating Transgender Care
  • Here’s What a Reproductive Police State Looks Like
  • Meta investors, Zuckerberg to square off at $8 billion trial over alleged privacy violations
  • Australian law is now clearer about clinicians’ discretion to tell our patients’ relatives about their genetic risk
  • The ICO’s AI and biometrics strategy
  • Trump Border Czar Boasts ICE Can ‘Briefly Detain’ People Based On ‘Physical Appearance’

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.