Hilton has reached a $700,000 settlement with the attorney generals of New York and Vermont following a pair of credit card data breaches in 2014 and 2015.
The company was accused of being slow to inform customers and lacking sensible data security.
Reuters reported the hotel giant has agreed to disclose breaches faster, enhance its monitoring of threats and meet the card industry's data security standards in wake of the breaches, which exposed more than 363,000 payment card numbers.
The breaches occurred between November 18, 2014, and December 5, 2014, then again between April 21, 2015, and July 27, 2015.
Hilton confirmed the unauthorized malware detections in late-November 2015, more than nine months after it learned of the first breach-discovered in February 2015 when a U.K.-based Hilton system began communicating with a suspicious outside computer-and more than three months after it discovered the second breach.
"Two years ago, Hilton took action to eradicate unauthorized malware that targeted guest payment card information," the company said in a statement. "Hilton is strongly committed to protecting our customers' payment card information and maintaining the integrity of our systems."
New York will receive $400,000 in the settlement while Vermont will collect the remaining $300,000.
Hilton is one of several hotel chains recently targeted by card data-seeking malware. The list includes InterContinental Hotels Group, Trump Hotels, Kimpton and Rosen Hotels, among others.
Even Sabre, one of the world's largest technology companies providing solutions for the hospitality industry, hasn't been immune.
Guests unsettled by the recent string of breaches can follow some helpful tips to protect themselves, starting with using a credit card to book their reservation. It's also a good idea to keep a close eye on your card statements so you can quickly report any fraudulent charges.
Topics From This Article to Explore
