Skip to main content

Luxury hotel chain Mandarin Oriental hit by hackers

luxury hotel chain mandarin oriental hit by hackers credit card security
Johan Swanepoel
Mandarin Oriental has been hit by hackers, the company confirmed on Thursday.

The luxury hotel chain joins a growing list of major companies who’ve suffered at the hands of cybercriminals in the last 18 months.

Recommended Videos

The hotel group said point-of-sale systems at a number of its hotels in both the U.S. and Europe — though not in Asia — had been infected with malware, giving hackers access to credit card details of some of its customers.

It said that at the current time it was unable to name which of its 45 hotels had been hit in the attack, or say precisely how much data was taken, though such information is likely to be made available once the investigation is complete.

“From the information we have to date, the breach has only affected credit card data and not any other personal guest data, and credit card security codes have not been compromised,” the Mandarin Oriental Group said in a release.

“The Group has identified and removed the malware and is coordinating with credit card agencies, law enforcement authorities and forensic specialists to ensure that all necessary steps are taken to fully protect our guests and our systems across our portfolio,” it said.

The company promised customers it had “moved swiftly” to deal with the situation once the scam was discovered, and made assurances that “security protocols are being thoroughly tested at all hotels to protect guest information and prevent a recurrence of such an attack.”

We can expect to hear an update from the group before too long, but in the meantime, if you’ve recently used a credit card at one of its hotels in the U.S. or Europe, it’s recommended you keep an eye out for any suspicious behavior on your card.

Last year was a rotten one for companies dealing with point-of-sale scams, with Home Depot and Target among dozens of popular retailers hit by such attacks.

Criminals sell the nabbed credit card data on illicit hacking forums, with buyers using it to buy goods online or withdraw money from bank accounts.

Trevor Mogg
Contributing Editor
Not so many moons ago, Trevor moved from one tea-loving island nation that drives on the left (Britain) to another (Japan)…
Hackers are using a devious new trick to infect your devices
A person using a laptop with a set of code seen on the display.

Hackers have long used lookalike domain names to trick people into visiting malicious websites, but now the threat posed by this tactic could be about to ramp up significantly. That’s because two new domain name extensions have been approved which could lead to an epidemic of phishing attempts.

The two new top-level domains (TLDs) that are causing such consternation are the .zip and .mov extensions. They’ve just been introduced by Google alongside the .dad, .esq, .prof, .phd, .nexus, .foo names.

Read more
This clever browser extension could banish viruses for good
A person using a laptop on a desk with a web browser showing the HubSpot marketplace on their screen.

With all the viruses, phishing scams and other malware lurking on the internet, using a web browser can be risky business these days. But one firm thinks it could make your web surfing much safer without adding any hassle.

A company named SquareX has just raised $6 million to develop an extension that would create virtual sandboxes within your web browser. Any time you’re tempted to open a file or click a link that comes from an unknown sender or could potentially pose a threat, SquareX’s extension would step in and let you open it in a kind of disposable browser.

Read more
This Bing flaw let hackers change search results and steal your files
The new Bing preview screen appears on a Surface Laptop Studio.

A security researcher was recently able to change the top results in Microsoft’s Bing search engine and access any user’s private files, potentially putting millions of users at risk -- and all it took was logging into an unsecured web page.

The exploit was discovered by researcher Hillai Ben-Sasson at their team at Wiz, a cloud security firm. According to Ben-Sasson, it would not only allow an attacker to change Bing search results but would also grant them access to millions of users’ private files and data.

Read more