Wednesday, August 19, 2009
Minneapolis-based Radisson Hotels and Resorts notified its guests in a letter posted on its Web site Aug. 19, 2009, that the computer systems of certain Radisson hotels in the United States and Canada were accessed without authorization between November 2008 and May 2009, a violation of both criminal and civil laws. Radisson is a division of Carlson Hotels Worldwide, which has more than 400 locations in 68 countries.
Fredrik Korallus, Radisson's Executive Vice President and Chief Operating Officer and the letter's author, said the hotel chain has been coordinating with federal law enforcement authorities to assist in the breach investigation.
According to Korallus, the number of hotels involved is limited, but the data accessed may have included cardholder names from credit and debit cards, as well as card numbers and expiration dates. The data reportedly did not include Social Security numbers.
The hotel chain was informed of the unauthorized access by Visa Inc., MasterCard Worldwide and Radisson's payment processor, which was not identified.
"Radisson values guest privacy and deeply regrets this incident occurred," Korallus said. "Working with law enforcement and forensic investigators, Radisson is conducting a thorough review of the potentially affected computer systems and has implemented additional security measures designed to prevent a recurrence of such an attack. We are also working closely with major credit card suppliers and law enforcement to ensure this issue is properly addressed."
Radisson also disseminated notice of the incident through media outlets, law enforcement, credit reporting agencies, and its payment processor and acquiring bank.
The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.