Omni Hotels point-of-sales systems hacked

Cybercrime against the hospitality industry continues, as hackers sell card numbers that were used to make fraudulent purchases

Hospitality

By Allie Sanchez

Hackers stole the payment card information of customers of Omni Hotels and Resorts last year by installing malicious software on the company’s point-of-sales system, in an act that may have resonance for the whole hospitality industry.

According to Omni, the malware may have operated between December 2015 and June 2016. The attack compromised 49 of its 60 North American hotels. Furthermore, the hackers took off with cardholder names, numbers, expiry dates and security codes.

Andrei Barysevich, director of cybercrime research at Flashpoint, said in a report that a hacker who goes by the name JokerStash sold 50,000 credit and debit card numbers to online criminal forums, which were then used to make fraudulent purchases.

Barysevich said the hackers installed the malware at Omni’s point-of-sales systems in its hotels and bars. The same technique was used to attack Hyatt Hotels, Starwood Hotels and Resorts, and Hilton in previous incidents.
 

Keep up with the latest news and events

Join our mailing list, it’s free!