Omni Hotels & Resorts on Friday warned customers that hackers stole payment-card information from the hotel chain by gaining access to its point-of-sale systems and installing malicious software.
“(The) malware may have operated between Dec. 23 and June 14, although most of the systems were affected during a shorter time frame,” the company wrote on its website.
Omni said 49 of its 60 North American hotels were affected. The company said it learned of the breach on May 30.
More than 50,000 payment-card numbers related to the breach have been sold on criminal online forums by a hacker calling himself JokerStash, said Andrei Barysevich, director of cybercrime research at Flashpoint, a company that researches criminal activity on the internet.
An Omni spokesman couldn’t immediately say how many customers were affected. The hackers stole cardholder names, card numbers, expiration dates and security codes.
