Hilton says point-of-sale systems hit with malware

Hilton Worldwide said it discovered that malware designed to poach payment card data was active in late 2014 and for a period in 2015.

Hilton Worldwide said that it has discovered malware on its point-of-sale terminals that was aimed to grab payment card information.

The hotel chain said it has "taken action to eradicate unauthorized malware" and started an investigation. Hilton also said it has strengthened its systems.

According to a statement, Hilton customers may have been effected from Nov. 18 to Dec. 5 2014 and April 21 to July 27. That 17-week period with large gaps indicates the malware would go quiet for a bit and then strike.

Hilton added:

Hilton Worldwide worked closely with third-party forensics experts, law enforcement and payment card companies on this investigation, and determined that specific payment card information was targeted by this malware. This information includes cardholder names, payment card numbers, security codes and expiration dates, but no addresses or personal identification numbers (PINs).

The company said that it is offering credit monitoring and has provided an update page.