Customers at 2 San Francisco hotels may have had credit cards compromised

Image courtesy

An international hotel company announced on Friday that it experienced malware intrusions that may jeopardize customer payment card data at more than 50 of its U.S. locations, including two San Francisco hotels.

Starwood Hotels & Resorts Worldwide Inc. officials said point of sale systems at gift shops, restaurants and some other locations at these hotels were infected with a virus that allows unauthorized parties to access payment data.

Based on a list of affected locations the company posted today, customers may have had their card data tapped into at San Francisco's Palace Hotel at 2 New Montgomery St. between Dec. 25, 2014 and April 4, company officials said.

The other local hotel was The Westin St. Francis at 335 Powell St., which experienced potential data breaches from March 3 to April 8, according to company officials.

The malware was designed to collect information such as cardholder names, payment card numbers, security codes and expiration dates, company officials said. There is no indication that contact information or personal identification numbers were collected, according to company officials.

The issue has since been resolved, according to the company.

Starwood Hotels officials said the company is "working closely with law enforcement authorities" and is "implementing additional security measures to help prevent this type of crime from reoccurring."

The company's officials are encouraging their customers to carefully review and monitor payment card account statements.