A POS malware problem recently affected Omni Hotels & Resorts, adding to the list of hospitality brands with terminals security issues. The Texas-based company recently released a Notice of Data Breach, disclosing information about an attack discovered less than two months ago.
According to this statement, only some of the brand's locations were affected. The malware used in this case is thought to have run between December 23, 2015 and June 14, 2016, and has most likely only impacted customers who used physical payment cards at the compromised sites.
While the notice did not list which of the Omni hotels were hurt by these incidents, it did mention the offers of free repair and identity theft protection services. Though it is still working with the authorities, Omni also said that the "issue has been resolved."
The only pieces of data at potential risk were "cardholder names, card numbers, security codes and expiration dates." This means that sensitive information, like PINs and Social Security Numbers, don't appear to have been exposed.
Ken Barnes, Omni's CIO, recently spoke to CIO Magazine about the security changes he wants to bring to the company.
"I want to make sure that we have our perimeter set up and that we have people watching that perimeter to protect us," he said. He also expressed a desire to "put applications in place that do more alerting and alarming above and beyond the table stakes [apps], such as those that lock out a user when their password fails three times," as part of the company's drive for security.
Staying in-touch with payment processing software security can be difficult. The support 911 Software gives is useful for merchants who need help integrating the latest PCI-compliant systems.