The Hilton hotel chain was accused of improperly handling two distinct cyberattacks that resulted in the exposure of its customers' financial information, and as a result, it agreed to pay Vermont and New York $700,000.
According to the inquiry, thieves placed denial-of-service malware on Hilton's payment systems, which would have exposed cardholders' personal information.
The company is held accountable for the delayed notice to customers and is charged with having a payment method with inadequate security.
Hilton will improve the security of its payment systems and internal incident response protocols as part of the settlement.
Source: https://securityaffairs.com/65478/data-breach/hilton-hotel-settlement.html
TPRM report: https://scoringcyber.rankiteo.com/company/hilton-hotels-and-resorts-brand
{
  "id": "hil2335171223",
  "linkid": "hilton-hotels-and-resorts-brand",
  "type": "Breach",
  "date": "11/2017",
  "severity": "100",
  "impact": "5",
  "explanation": "Attack threatening the organization’s existence"
}
{'affected_entities': [{'industry': 'hospitality',
                        'name': 'Hilton',
                        'type': 'corporation'}],
 'attack_vector': 'denial-of-service malware',
 'data_breach': {'sensitivity_of_data': 'high',
                 'type_of_data_compromised': 'financial information'},
 'description': 'The Hilton hotel chain was accused of improperly handling two '
                'distinct cyberattacks that resulted in the exposure of its '
                "customers' financial information, and as a result, it agreed "
                'to pay Vermont and New York $700,000.',
 'impact': {'data_compromised': ["customers' financial information"],
            'financial_loss': '$700,000 in fines',
            'legal_liabilities': 'charged with delayed notice and inadequate '
                                 'security',
            'payment_information_risk': 'high',
            'systems_affected': 'payment systems'},
 'post_incident_analysis': {'corrective_actions': ['improve the security of '
                                                   'payment systems',
                                                   'enhance internal incident '
                                                   'response protocols'],
                            'root_causes': ['inadequate security of payment '
                                            'systems',
                                            'delayed notice to customers']},
 'regulatory_compliance': {'fines_imposed': '$700,000'},
 'response': {'remediation_measures': ['improve the security of payment '
                                       'systems',
                                       'enhance internal incident response '
                                       'protocols']},
 'threat_actor': 'thieves',
 'title': 'Hilton Hotel Chain Data Breach and Malware Attack',
 'type': ['data breach', 'malware attack'],
 'vulnerability_exploited': 'inadequate security of payment systems'}