Mandarin Oriental has confirmed that the credit card systems in an isolated number of its hotels in the United States and Europe have been accessed without authorization, according to a company statement. None of the company’s hotels in Asia were affected. The group has identified and removed the offending malware, which it claims was undetectable by all anti-viral systems, and is coordinating with credit card agencies, law enforcement authorities, and forensic specialists to resolve the issue. The breach has only affected credit card data and not any other personal guest data, and credit card security codes have not been compromised, the company said. The group has put additional security measures in place at all of its hotels. Read more over at Krebs on Security.
