Credit card breaches are old news. Well, sort of. It seems like every day there is a new one, but we have gotten used to them. If you are a slight geek, you have your bank send you a text or email every single time your card is used. The first time that it is used and it is not you, you call the bank, they cancel the card and send you a new one.
Debit cards are more of a pain in the rear, especially if they have your PIN, so if you had a PIN based debit card compromised you MUST move quickly. You do not have 60 days after you get your statement – you have like 2 days as I recall – which is why I STRONGLY recommend that people do not use their debit card as a PIN based debit card except at your bank. Almost all banks will issue a Visa or Mastercard logoed debit card which you can use as a credit card. While the money still comes out of your bank account instantly, it is processed as a credit card and the credit card protection rules apply. Even though the credit card terminal in the store will try very hard to get you to use that card as a debit card (because it is cheaper for them), resist the temptation – DO NOT DO IT!
Anyway, back to the breach of the day.
Today it is Starwood Hotels – owner of Westin, Sheraton, W and many other brands.
The breach affected about 50 properties (list is in their announcement which is linked below). Some hotels were affected between March and April of this year. Others between March and May and still others between November of last year and April of this year.
As seems to be usual, the breach only affects restaurants, gift shops and other (likely outsourced) systems. It did not affect the front desk system.
I assume that Starwood outsources the restaurants and gift shops and those companies likely outsource their point of sale systems. The different date ranges could mean that there is more than one outsourcer affected and that we may see other notices soon. This is all speculation as Starwood has not said very much other than that protecting your information is a top priority.
Given that they apparently were not able to protect their top priority …………
As I have said before, if you watch your card and bank charges religiously, this is not a big issue for you. It is, however, a big issue for Starwood and their likely outsourced restaurants and gift shops and they will spend millions and sue and be sued for the next several years.
Assuming these departments are outsourced, it is one more example of how supply chain security is a huge problem for businesses that they are not paying enough attention to it.
This comes just days after Marriott purchased Starwood. I certainly hope they disclosed this!
My two cents.