Cyber Incident Victim: Hilton Garden Inn Cleveland Downtown
Date:
Sep 2021
Location:
United States of America
Summary
A Hilton Garden Inn Cleveland Downtown location experienced a payment card breach involving malware on point-of-sale systems in its food and beverage area over several months. The compromise exclusively affected cards used for transactions in that specific section, with no evidence of exposure for charges applied directly to guest rooms. Payment card details, including credit and debit card information, were potentially accessed by unauthorized parties during this period. The hotel issued notifications advising customers to monitor their financial statements for suspicious activity related to transactions made in the impacted area.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
The Hilton Garden Inn Cleveland Downtown experienced a cybersecurity incident involving unauthorized access to payment card data used in its food and beverage area. Between September 24, 2021, and May 5, 2022, malware infected point-of-sale systems handling transactions in this specific section of the hotel located at 1100 Carnegie Avenue. The compromised systems processed credit and debit card information from customers who made purchases at food and beverage outlets, excluding charges applied directly to guest rooms. The malware operated undetected for nearly eight months, potentially capturing cardholder details during this period. Hotel management became aware of the breach and initiated an investigation, though the exact discovery date remains unspecified in public disclosures. No evidence suggested that other hotel systems or reservation platforms were affected by this intrusion.
On July 14, 2022, the hotel began notifying customers whose payment cards might have been exposed during the breach window. The notification clarified that only transactions processed within the food and beverage area—not room charges—were impacted. Affected individuals were advised to review bank statements for unauthorized activity. The hotel did not disclose the number of compromised accounts or specific malware variants involved. Public reporting indicated no additional remediation offers beyond the fraud monitoring recommendation. The incident highlighted persistent risks associated with point-of-sale malware targeting hospitality sector transactions.