Hotel chain operator Hilton Worldwide said it has uncovered malicious software on some payment systems that was targeting payment card data for at least four months.
In a statement, Hilton said sensitive information such as cardholder names, payment card numbers, security codes and expiration dates were all potentially compromised. The malware, however, did not target personal addresses and PIN numbers, the company added.
Hilton warned customers they may be affected if they used a card between Nov. 18 and Dec. 5, 2014, or between April 21 and July 27, 2015.
The hotel operator — which also owns the Conrad, DoubleTree and Hampton Inn hotel chains — did not disclose how many people might have been hit by the malware or which locations may have been compromised.
Hilton owns over 4,500 hotels worldwide.
The reveal comes just days after Starwood Hotels & Resorts said hackers had infiltrated its payment systems in North America. Starwood, however, insisted no sensitive information had been stolen during the intrusion.
More broadly, hotels have become a common target for hackers in recent years.
The Trump Hotel Collection, owned by Republican presidential hopeful Donald TrumpDonald TrumpCheney says a lot of GOP lawmakers have privately encouraged her fight against Trump Republicans criticizing Afghan refugees face risks DeVos says 'principles have been overtaken by personalities' in GOP MORE, confirmed in October that the luxury chain had discovered a data breach at seven of its locations.