In November 2015, the California Office of the Attorney General disclosed that Hilton Worldwide suffered a **malware-driven data breach** targeting its **point-of-sale (POS) systems**. The attack compromised **payment card data** of customers who made transactions at Hilton hotels during two distinct periods: **November 18–December 5, 2014**, and **April 21–July 27, 2015**. The exposed information included **cardholder names, payment card numbers, security codes, and expiration dates**, though **addresses and PINs remained unaffected**. The breach stemmed from unauthorized malware infiltrating Hilton’s POS environment, enabling attackers to harvest sensitive financial details during transactions. While the exact number of affected customers was not specified, the prolonged exposure window heightened risks of **fraudulent card activity, identity theft, and financial losses** for victims. Hilton took remedial actions, including **enhancing payment security protocols** and collaborating with law enforcement. However, the incident underscored vulnerabilities in hospitality sector cybersecurity, particularly in safeguarding **customer financial data** against evolving malware threats. The breach did not involve ransomware or broader systemic disruptions but focused solely on **payment card exploitation** during the specified timeframes.
Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-59022
TPRM report: https://www.rankiteo.com/company/hilton-hotels-and-resorts-brand
{
  "id": "hil038090625",
  "linkid": "hilton-hotels-and-resorts-brand",
  "type": "Breach",
  "date": "11/2014",
  "severity": "85",
  "impact": "4",
  "explanation": "Attack with significant impact with customers data leaks"
}
{'affected_entities': [{'industry': 'Hotel and Resort',
                        'location': 'Global (primarily U.S. properties)',
                        'name': 'Hilton Worldwide',
                        'type': 'Hospitality'}],
 'attack_vector': 'Malware (Point-of-Sale Systems)',
 'data_breach': {'data_exfiltration': 'Yes (malware exfiltrated card data)',
                 'personally_identifiable_information': ['Cardholder names'],
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Payment card data',
                                              'Personally Identifiable '
                                              'Information (PII)']},
 'date_publicly_disclosed': '2015-11-24',
 'description': 'The California Office of the Attorney General reported that '
                'Hilton Worldwide experienced a data breach due to '
                'unauthorized malware targeting payment card information in '
                'point-of-sale systems. The breach affected customers who used '
                'payment cards at Hilton hotels between November 18, 2014, and '
                'December 5, 2014, and between April 21, 2015, and July 27, '
                '2015. The compromised information included cardholder names, '
                'payment card numbers, security codes, and expiration dates, '
                'but not addresses or PINs.',
 'impact': {'data_compromised': ['Cardholder names',
                                 'Payment card numbers',
                                 'Security codes',
                                 'Expiration dates'],
            'identity_theft_risk': 'High (payment card details exposed)',
            'payment_information_risk': 'High (card numbers, security codes, '
                                        'expiration dates compromised)',
            'systems_affected': ['Point-of-Sale (PoS) systems']},
 'initial_access_broker': {'high_value_targets': ['Payment card data']},
 'references': [{'date_accessed': '2015-11-24',
                 'source': 'California Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': ['California Office of '
                                                        'the Attorney '
                                                        'General']},
 'title': 'Hilton Worldwide Payment Card Data Breach (2014-2015)',
 'type': 'Data Breach'}