Hotel chain Omni Hotels & Resorts said on Friday (July 8) that it had been hacked and disclosed that the hackers stole payment card data through accessing point-of-sale systems.
The hackers, once gaining access to that hardware, installed malicious software on the POS systems, reported The Wall Street Journal. The firm noted that the “malware may have operated between Dec. 23, 2015, and June 14, 2016,” but also assessed that “most of the systems were affected during a shorter time frame,” according to a statement on the Omni corporate website. A majority of hotels were affected, to the tune of 49 of 60 locations. The firm learned of the breach on May 30.
The malware was installed on POS systems located at Omni hotels and bars.
Estimating the magnitude of the breach, Omni said that 50,000 payment card numbers have been compromised and sold on criminal online conduits by a hacker who goes by the moniker JokerStash. That information, said WSJ, was provided by Andrei Barysevich, director of cybercrime research at Flashpoint. The firm had been working with payments processors and also card issuers on investigating the Omni breach. The hackers themselves have been using the pilfered information to conduct fraudulent activity since February of this year.
JokerStash has been working with a team of hackers, said Barysevich, on a sophisticated operation.
In addition to stealing payment card information, the hackers made off with cardholder names, security codes and expiration dates, noted WSJ. Omni has said that “there is no evidence” that other information, ranging from contact details to Social Security data, was compromised.