September 01, 2016

Data breach hit 60 Kimpton Hotels locations

Kimpton Hotels admitted on Wednesday that a data breach affected 60 of its 62 locations this year, after first announcing it would investigate the apparent breach in July.

KrebsOnSecurity, which was the first to notify Kimpton of the breach, had originally estimated more than 20 locations were affected.

The breach affected cards used at the 60 hotels and restaurants between Feb. 16 and July 7. It is not yet clear how many cards were affected.

Kimpton joins a growing list of recently breached hotels, including Trump Hotels, Hilton, Mandarin Oriental, White Lodging, Starwood Hotels and Hyatt. Most of the incidents involved point-of-sale malware.

NAFCU continues to push for a strong national data security standard for retailers through the "Data Security Act" (H.R. 2205/S. 961), which would hold retailers to the same standards credit unions already follow under the Gramm-Leach-Bliley Act and institute consumer notification requirements.