Boutique Hotel Chain Kimpton Confirms Credit Card Breach at Numerous Hotels
Payment terminals were compromised for up to six months
Boutique hotel chain Kimpton has confirmed that credit card information was stolen from its payment terminals at more than 60 hotels.
Kimpton first began to investigate the possibility of a data breach in July when it heard about several unauthorized charges to credit cards belonging to people who had recently stayed at its hotels.
The investigation confirmed that hackers had installed malware on servers used at the restaurants and front desks to process payments at more than 60 of its locations.
The hack appears to have started in February 2016 and did not last the same length of time at every location. Some places, especially restaurants and bars, were compromised only for a few weeks, while others, such as hotels, were affected for up to five months.
Kimpton claims that the information stolen includes credit card numbers, expiration dates, and internal verification codes, with the name of the cardholder being stolen in only a "small number of instances."
The company will soon notify customers who used credit cards at one of the affected locations during the relevant period by writing if it has their contact information.
Consumers should remember that they are not liable for fraudulent transactions charged to their credit cards as long as they notify the card issuer about the transaction in question within a reasonable amount of time.