U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

The Hilton hotel chain is paying a $700,000 settlement for credit card data breaches

The Hilton hotel chain is paying a $700,000 settlement after being accused of mishandling two separate credit card data breaches. The Hilton hotel chain is paying a $700,000 settlement to the states of New York and Vermont after being accused of mishandling two separate cyber attacks that exposed financial data of its customers. The credit card breaches […]

The Hilton hotel chain is paying a $700,000 settlement for credit card data breaches

The Hilton hotel chain is paying a $700,000 settlement after being accused of mishandling two separate credit card data breaches.

The Hilton hotel chain is paying a $700,000 settlement to the states of New York and Vermont after being accused of mishandling two separate cyber attacks that exposed financial data of its customers.

The credit card breaches were in 2014 and 2015 and affected more than 363,000 payment cards.

The investigation revealed that crooks installed a PoS malware in Hilton payment systems, potentially exposing customers’ card details between 18 November and 5 December 2014.

The second incident was spotted in July and dates back April of the same year.

Hilton

Hilton Domestic Operating Company, Inc notified customers about the incident only in November 2015.

The company is accused of poor security of its payment system and is responsible for the delay in informing customers.

“Businesses have a duty to notify consumers in the event of a breach and protect their personal information as securely as possible,” said Attorney General Eric T. Schneiderman.

“Lax security practices like those we uncovered at Hilton put New Yorkers’ credit card information and other personal data at serious risk. My office will continue to hold businesses accountable for protecting their customers’ personal information.”

As part of the settlement, Hilton will strengthen the security of its payment systems and internal procedures for incident handling.

Hilton is strongly committed to protecting our customers’ payment card information and maintaining the integrity of our systems,” the company said in a statement.

Let’s try to imagine the outcome of this incident under the forthcoming EU GDPR regulation. With such regulation in line, it would be $420 million, as the fine can represent up to 4 percent of the company’s turnover.

[adrotate banner=”9″] [adrotate banner=”12″]

Pierluigi Paganini

(Security Affairs –  Hilton Hotel, card data breach)

[adrotate banner=”5″]

[adrotate banner=”13″]