Kimpton offers details of credit card security incident

George Sell By George Sell
01 September 2016 | Updated 01 September 2016

US: Kimpton Hotels & Restaurants has revealed the conclusions of its investigation in to a recent credit card security breach.

US: Kimpton Hotels & Restaurants has revealed the conclusions of its investigation in to a recent credit card security breach.

A company statement said: "Kimpton Hotels & Restaurants received a report on July 15, 2016 of unauthorised charges occurring on payment cards after they had been used by guests at the restaurant in one of our hotels. We immediately began to investigate the report and hired leading cyber security firms to examine our payment card processing system. Findings from the investigation show that malware was installed on servers that processed payment cards used at the restaurants and front desks of some of our hotels. The malware searched for track data read from the magnetic stripe of a payment card as it was being routed through the affected server. The malware primarily found track data that contained the card number, expiration date, and internal verification code, but in a small number of instances it may have found the track that also contains the cardholder name."

The incident involved cards used at certain restaurants and hotel front desks from February 16, 2016 to July 7, 2016. A list of the affected hotel front desks and restaurants, along with the specific time frames for each (times vary by location) is located at The site also contains more information on steps guests may take to protect their information.

Kimpton Hotels & Restaurants does not have information available to identify the name and address of restaurant guests. The company be writing to guests who used their card at a front desk during an "at risk time frame". 

The company added: "It is always advisable to remain vigilant to the possibility of fraud by reviewing your payment card statements for any unauthorised activity. You should immediately report any unauthorised charges to your card issuer because payment card rules generally provide that cardholders are not responsible for unauthorised charges reported in a timely manner. The phone number to call is usually on the back of your payment card. We have resolved the issue and continue to work with the cyber security firms to further strengthen our existing security measures. We notified law enforcement and are also working with the payment card networks so that the banks that issue payment cards can be made aware and initiate heightened monitoring on the affected cards."

Be in the know.

Subscribe to our newsletter »

Our Events

Thank you sponsors

Subscribe to our Newsletter »