Kimpton finds malware in data breach investigation
Kimpton finds malware in data breach investigation
01 SEPTEMBER 2016 8:46 AM

Kimpton Hotels & Restaurants has notified guests of a likely data breach after malware was discovered in the servers that process payment card systems at the restaurants and front desks of some of its hotels.

SAN FRANCISCO, Aug. 31, 2016 /PRNewswire/ -- Kimpton Hotels & Restaurants has completed its investigation of the previously announced payment card security incident.

Kimpton Hotels & Restaurants received a report on July 15, 2016 of unauthorized charges occurring on payment cards after they had been used by guests at the restaurant in one of our hotels. We immediately began to investigate the report and hired leading cyber security firms to examine our payment card processing system. Findings from the investigation show that malware was installed on servers that processed payment cards used at the restaurants and front desks of some of our hotels. The malware searched for track data read from the magnetic stripe of a payment card as it was being routed through the affected server. The malware primarily found track data that contained the card number, expiration date, and internal verification code, but in a small number of instances it may have found the track that also contains the cardholder name.

This incident involved cards used at certain restaurants and hotel front desks from February 16, 2016 to July 7, 2016. A list of the affected hotel front desks and restaurants, along with the specific time frames for each (times vary by location) is located The site also contains more information on steps guests may take to protect their information. Kimpton Hotels & Restaurants does not have information available to identify the name and address of restaurant guests. We will be mailing letters to those guests who used their card at a front desk during an at risk time frame for whom we have a mailing address.

It is always advisable to remain vigilant to the possibility of fraud by reviewing your payment card statements for any unauthorized activity. You should immediately report any unauthorized charges to your card issuer because payment card rules generally provide that cardholders are not responsible for unauthorized charges reported in a timely manner. The phone number to call is usually on the back of your payment card.

We have resolved the issue and continue to work with the cyber security firms to further strengthen our existing security measures. We notified law enforcement and are also working with the payment card networks so that the banks that issue payment cards can be made aware and initiate heightened monitoring on the affected cards.

We regret any inconvenience this may have caused. If you have questions, please call (888) 339-3142 from 9:00 a.m. to 8:00 p.m. EDT, Monday to Friday.

The above is a news release written by a third party. While HNN’s editorial mission is to produce unique content, it occasionally publishes timely, newsworthy news releases to complement in-house reporting efforts. All news releases are clearly marked as such. For questions and clarification, please contact Editor-in-Chief Stephanie Ricca at

No Comments

Comments that include blatant advertisements or links to products or company websites will be removed to avoid instances of spam. Also, comments that include profanity, lewdness, personal attacks, solicitations or advertising, or other similarly inappropriate or offensive comments or material will be removed from the site. You are fully responsible for the content you post. The opinions expressed in comments do not necessarily reflect the opinions of Hotel News Now or its parent company, STR and its affiliated companies. Please report any violations to our editorial staff.